S21SEC-036-EN Ekiga <= 2.0.5 Denial of service

##############################################################
- S21Sec Advisory -
##############################################################

 Title:             Ekiga Denial of Service
    ID:             S21SEC-036-en

Severity: Medium - Remote DoS
History: 14.May.2007 Vulnerability discovered
09.Jul.2007 Vendor contacted

 Scope:     Application Denial of Service

Platforms: Any
Author: Jose Miguel Esparza ([email protected])
URL: http://www.s21sec.com/avisos/s21sec-036-en.txt
Release: Public

[ SUMMARY ]

Ekiga (formely known as GnomeMeeting) is an open source VoIP and
video conferencing application for
GNOME. Ekiga uses both the H.323 and SIP protocols. It supports many
audio and video codecs, and is
interoperable with other SIP compliant software and also with
Microsoft NetMeeting.

[ AFFECTED VERSIONS ]

Following versions are affected with this issue:
- Ekiga 2.0.5 and prior.

[ DESCRIPTION ]

Due to a bad management of memory allocation for the input data it's
possible to crash the application
causing a denial of service.

[ WORKAROUND ]

Upgrade to 2.0.7 or 2.0.9 versions is recommended to resolve this
problem. If not possible, some
additional input data check will be necessary in the
SIPURL::GetHostAddress() function.

[ ACKNOWLEDGMENTS ]

This vulnerability have been found and researched by:
- Jose Miguel Esparza <[email protected]> S21Sec

[ ADDITIONAL INFORMATION ]

This vulnerability has been discovered thanks to the network fuzzer
Malybuzz disponible in the url
http://malybuzz.sourceforge.net/.

[ REFERENCES ]

• Ekiga
  http://ekiga.org

• S21Sec
  http://www.s21sec.com

• S21sec Blog
  http://blog.s21sec.com

• Malybuzz
  http://www.s21sec.com/malybuzz/malybuzz.html