CVE-2007-5824 - Vulnerability Details - OpenCVE

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a ':' character, which triggers a crash in the ws_getheaders function.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Firefly	Media Server

Configuration 1 [-]

cpe:2.3:a:firefly:media_server:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://bugs.gentoo.org/show_bug.cgi?id=200110
http://secunia.com/advisories/28269
http://secunia.com/advisories/30661
http://sourceforge.net/project/shownotes.php?group_id=98211&release_id=548679
http://www.debian.org/security/2008/dsa-1597
http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml
http://www.securityfocus.com/archive/1/483210/100/0/threaded
http://www.securityfocus.com/archive/1/483211/100/0/threaded
http://www.securityfocus.com/archive/1/483215/100/0/threaded
http://www.securityfocus.com/bid/26309
https://exchange.xforce.ibmcloud.com/vulnerabilities/38241
https://exchange.xforce.ibmcloud.com/vulnerabilities/38242
https://www.exploit-db.com/exploits/4600

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-11-05T19:00:00

Updated: 2024-08-07T15:47:00.548Z

Reserved: 2007-11-05T00:00:00

Link: CVE-2007-5824

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-11-05T19:46:00.000

Modified: 2024-11-21T00:38:46.787

Link: CVE-2007-5824

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-11-02T00:00:00", "descriptions": [{"lang": "en", "value": "webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a ':' character, which triggers a crash in the ws_getheaders function."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "firefly-decodepassword-dos(38242)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"}, {"name": "DSA-1597", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1597"}, {"name": "20071102 [UPH-07-02] Firefly Media Server DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"}, {"name": "26309", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26309"}, {"name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"}, {"name": "firefly-getheaders-dos(38241)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"}, {"name": "28269", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28269"}, {"name": "4600", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/4600"}, {"name": "20071102 [UPH-07-01] Firefly Media Server DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/project/shownotes.php?group_id=98211&release_id=548679"}, {"tags": ["x_refsource_MISC"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"}, {"name": "30661", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30661"}, {"name": "GLSA-200712-18", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5824", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a ':' character, which triggers a crash in the ws_getheaders function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "firefly-decodepassword-dos(38242)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"}, {"name": "DSA-1597", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1597"}, {"name": "20071102 [UPH-07-02] Firefly Media Server DoS", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"}, {"name": "26309", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26309"}, {"name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"}, {"name": "firefly-getheaders-dos(38241)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"}, {"name": "28269", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28269"}, {"name": "4600", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/4600"}, {"name": "20071102 [UPH-07-01] Firefly Media Server DoS", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"}, {"name": "http://sourceforge.net/project/shownotes.php?group_id=98211&release_id=548679", "refsource": "CONFIRM", "url": "http://sourceforge.net/project/shownotes.php?group_id=98211&release_id=548679"}, {"name": "http://bugs.gentoo.org/show_bug.cgi?id=200110", "refsource": "MISC", "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"}, {"name": "30661", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30661"}, {"name": "GLSA-200712-18", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:47:00.548Z"}, "title": "CVE Program Container", "references": [{"name": "firefly-decodepassword-dos(38242)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"}, {"name": "DSA-1597", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1597"}, {"name": "20071102 [UPH-07-02] Firefly Media Server DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"}, {"name": "26309", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26309"}, {"name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"}, {"name": "firefly-getheaders-dos(38241)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"}, {"name": "28269", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28269"}, {"name": "4600", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/4600"}, {"name": "20071102 [UPH-07-01] Firefly Media Server DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceforge.net/project/shownotes.php?group_id=98211&release_id=548679"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"}, {"name": "30661", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30661"}, {"name": "GLSA-200712-18", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5824", "datePublished": "2007-11-05T19:00:00", "dateReserved": "2007-11-05T00:00:00", "dateUpdated": "2024-08-07T15:47:00.548Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:firefly:media_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "683713CB-F4E3-47D1-82FF-BDAD5A1B2EAD", "versionEndIncluding": "0.2.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a ':' character, which triggers a crash in the ws_getheaders function."}, {"lang": "es", "value": "webserver.c en mt-dappd in Firefly Media Server 0.2.4 y anteriores permite a atacantes remotos provocar denegaci\u00f3n de servicio (referencia NULL y caida de demonio) a trav\u00e9s de una acci\u00f3n de m\u00e9todo de estado en /xml-rpc con (1) una l\u00ednea de cabecera vac\u00eda Authorization, el cual dispara un caida en la funci\u00f3n ws_decodepassword; o (2) una l\u00ednea de cabecera sin el caracter ':', lo cual dispara una caida en la funci\u00f3n ws_getheaders."}], "id": "CVE-2007-5824", "lastModified": "2024-11-21T00:38:46.787", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-11-05T19:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/28269"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30661"}, {"source": "cve@mitre.org", "url": "http://sourceforge.net/project/shownotes.php?group_id=98211&release_id=548679"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1597"}, {"source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26309"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/4600"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28269"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30661"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/project/shownotes.php?group_id=98211&release_id=548679"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1597"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26309"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/4600"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}