lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched.

  - ekiga: DoS (crash) after receiving call from other party with not UTF-8 valid name (CVE-2012-5621)

Note that Nessus has not tested for this issue but has instead relied on the package manager's report that the package is installed.

The remote Solaris system is missing necessary patches to address security updates.

New upstream ekiga 4.0.1 release

  - Core fixes

    - Fix crash when quitting ekiga while receiving presence       information

    - Fix crash when quitting ekiga right after starting it       (before STUN ending)

    - Fix crash when disabling an account while icons in       roster are changing

    - Fix crash when receiving call a second time

    - Fix crash in XML parsing in case of malicious code       (CVE-2012-5621)

    - Fix increasing CPU usage after hours of usage caused       by endless OPTIONS

    - Several fixes for H.323 :

    - fix H.323 parsing

    - add the username in authentication

    - fix unregistering the gatekeeper

    - fix registration

    - assign gk_name only if success

    - do not propose adding an H.323 account if the protocol       is not built-in

    - Fix registration for registrars accepting the last       Contact item offered

    - Allow to change the REGISTER compatibility mode of an       existing registration

    - Fix impossibility to hangup active call after a missed       call

    - Fix busy or call forwarding on busy occuring when       connection is released

    - Fix subscribing/unsubscribing when enabling and       disabling SIP accounts

    - Do not show is-typing messages sent by other programs       during chatting

    - Stop ongoing registration when remove account

    - Use meaningful names for ALSA sub-devices

    - Allow to enter contact addresses without host part,       and choose the host later

    - Increase number of characters shown in device names

    - Use a better icon for call history in addressbook

    - Show the address instead of 'telephoneNumber' in       addressbook

    - Deactivate NullAudio ptlib's device for audio input       too

    - Do not send OPTIONS messages once the account is       disabled

    - Hide the main window immediately on exit

    - Handle xa status as away

    - Fix debugging message when registering

    - Fix race condition leading to duplicate entry in call       history

    - Fix incoming call if two INVITE's in a fork arrive       very close together

    - Use correct username in OPTIONS messages

    - Allow to have message waiting indication even if       asterisk's vmexten is off

    - Send OPTION only on the right interface

    - Fix buttons direction in dialpad for RTL languages

    - Fix aborting RTP receiver with Polycom HDX8000

    - Fix possible incorrect jitter calculation for RTCP

    - Only kill REGISTER/SUBSCRIBE forks if a 'try again'       response is received

    - Various other fixes

    - Distributor-visible changes

    - Build fixes

    - Fix building opal when java SDK installed and swig is       not

    - Some code cleanup

    - Translation updates

    - Update translations: fr, ml, pt_BR

    - Update help translations: pt_BR

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the version in its SIP banner, the version of Ekiga running on the remote host is potentially affected by a vulnerability that could allow a remote, unauthenticated attacker to cause a denial of service via invalid UTF-8 characters in the remote user's connection data.

ID	Name	Product	Family	Severity
198534	RHEL 6 : ekiga (Unpatched Vulnerability)	Nessus	Red Hat Local Security Checks	high
80602	Oracle Solaris Third-Party Patch Update : ekiga (cve_2012_5621_denial_of)	Nessus	Solaris Local Security Checks	medium
64984	Fedora 18 : ekiga-4.0.1-1.fc18 / opal-3.10.10-1.fc18 / ptlib-2.10.10-1.fc18 (2013-2998)	Nessus	Fedora Local Security Checks	medium
64983	Fedora 17 : ekiga-4.0.1-1.fc17 / opal-3.10.10-1.fc17 / ptlib-2.10.10-1.fc17 (2013-2890)	Nessus	Fedora Local Security Checks	medium
64458	Ekiga < 4.0.0 Invalid UTF-8 Character Connection Data Parsing DoS	Nessus	Denial of Service	medium

Detections

Analytics

CVE-2012-5621

high

Tenable Plugins

high

medium

medium

medium

medium