mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
899 B
899 B
CVE-2007-6626
Description
Multiple buffer overflows in the RTSP_valid_response_msg function in RTSP_state_machine.c in LScube Feng 0.1.15 and earlier allow remote attackers to execute arbitrary code via (1) a long first line of a response, as demonstrated by a long VER line; or (2) a long second line of a response, as demonstrated by a message that follows a RETURN line.
POC
Reference
- http://aluigi.altervista.org/adv/fengulo-adv.txt
- http://aluigi.org/poc/fengulo.zip
- http://securityreason.com/securityalert/3507
Github
No PoCs found on GitHub currently.