Download
| Alert*
oval:org.secpod.oval:def:1700412
Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions. The encryption-processing feature in Cisco libSRTP before 1.5.3 ... oval:org.secpod.oval:def:504348 The libsrtp package provides an implementation of the Secure Real-time Transport Protocol , the Universal Security Transform , and a supporting cryptographic kernel. Security Fix: * libsrtp: improper handling of CSRC count and extension header length in RTP header * libsrtp: buffer overflow in appl ... oval:org.secpod.oval:def:1503991 [1.4.4-11.20101004cvs] - Fix global buffer overflow Resolves: bz#1301202 - Fix improper handling of CSRC count and extension header length in RTP header Resolves: bz#1323705 - Fix buffer overflow in application of crypto profiles Resolves: bz#1141897 oval:org.secpod.oval:def:205660 The libsrtp package provides an implementation of the Secure Real-time Transport Protocol , the Universal Security Transform , and a supporting cryptographic kernel. Security Fix: * libsrtp: improper handling of CSRC count and extension header length in RTP header * libsrtp: buffer overflow in appl ... oval:org.secpod.oval:def:602456 Randell Jesup and the Firefox team discovered that srtp, Cisco"s reference implementation of the Secure Real-time Transport Protocol , does not properly handle RTP header CSRC count and extension header length. A remote attacker can exploit this vulnerability to crash an application linked against l ... |