ID CVE-2007-1804
Summary PulseAudio 0.9.5 allows remote attackers to cause a denial of service (daemon crash) via (1) a PA_PSTREAM_DESCRIPTOR_LENGTH value of FRAME_SIZE_MAX_ALLOW sent on TCP port 9875, which triggers a p->export assertion failure in do_read; (2) a PA_PSTREAM_DESCRIPTOR_LENGTH value of 0 sent on TCP port 9875, which triggers a length assertion failure in pa_memblock_new; or (3) an empty packet on UDP port 9875, which triggers a t assertion failure in pa_sdp_parse; and allows remote authenticated users to cause a denial of service (daemon crash) via a crafted packet on TCP port 9875 that (4) triggers a maxlength assertion failure in pa_memblockq_new, (5) triggers a size assertion failure in pa_xmalloc, or (6) plays a certain sound file.
References
Vulnerable Configurations
  • cpe:2.3:a:pulseaudio:pulseaudio:0.9.5
    cpe:2.3:a:pulseaudio:pulseaudio:0.9.5
CVSS
Base: 7.8 (as of 03-04-2007 - 20:43)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
exploit-db via4
description PulseAudio 0.9.5 Assert() Remote Denial of Service Vulnerability. CVE-2007-1804. Dos exploit for linux platform
id EDB-ID:29809
last seen 2016-02-03
modified 2007-04-02
published 2007-04-02
reporter Luigi Auriemma
source https://www.exploit-db.com/download/29809/
title PulseAudio 0.9.5 Assert Remote Denial of Service Vulnerability
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-065.NASL
    description Luigi Auriemma found a few programming errors in Pulseaudio, that can be used to crash the Pulseaudio daemon, by authenticated and unauthenticated users. The updated packages fix these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 37991
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37991
    title Mandriva Linux Security Advisory : pulseaudio (MDVSA-2008:065)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_PULSEAUDIO-3637.NASL
    description This update of pulseaudio fixes a denial-of-service bug that can be triggered remotely. (CVE-2007-1804)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27405
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27405
    title openSUSE 10 Security Update : pulseaudio (pulseaudio-3637)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-465-1.NASL
    description Luigi Auriemma discovered multiple flaws in pulseaudio's network processing code. If an unauthenticated attacker sent specially crafted requests to the pulseaudio daemon, it would crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 28065
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28065
    title Ubuntu 7.04 : pulseaudio vulnerability (USN-465-1)
refmap via4
bid 23240
mandriva MDVSA-2008:065
misc
secunia
  • 25431
  • 25787
suse SUSE-SR:2007:013
ubuntu USN-465-1
vupen ADV-2007-1214
xf pulseaudio-assert-dos(33315)
Last major update 07-03-2011 - 21:52
Published 02-04-2007 - 19:19
Last modified 28-07-2017 - 21:31
Back to Top