Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-6256

Опубликовано: 14 янв. 2019
Источник: ubuntu
Приоритет: medium
CVSS2: 7.5
CVSS3: 9.8

Описание

A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function pointer in the readSocket function in GroupsockHelper.cpp.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
devel

DNE

disco

released

2018.11.26-1
eoan

released

2018.11.26-1
esm-apps/bionic

released

2018.02.18-1ubuntu0.1~esm1
esm-apps/focal

released

2018.11.26-1
esm-apps/xenial

released

2016.02.09-1ubuntu0.1~esm1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needed]
focal

released

2018.11.26-1

Показывать по

Ссылки на источники

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

nvd логотип

CVE-2019-6256

CVSS3: 9.8
nvd
около 7 лет назад

A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function pointer in the readSocket function in GroupsockHelper.cpp.

debian логотип

CVE-2019-6256

CVSS3: 9.8
debian
около 7 лет назад

A Denial of Service issue was discovered in the LIVE555 Streaming Medi ...

github логотип

GHSA-j293-2f59-6wr3

CVSS3: 9.8
github
больше 3 лет назад

A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function pointer in the readSocket function in GroupsockHelper.cpp.

fstec логотип

BDU:2019-01280

CVSS3: 9.8
fstec
почти 7 лет назад

Уязвимость функции readSocket библиотеки Live555 Media Server пакета liblivemedia, позволяющая нарушителю вызвать отказ в обслуживании

suse-cvrf логотип

openSUSE-SU-2019:0058-1

suse-cvrf
почти 7 лет назад

Security update for live555

7.5 High

CVSS2

9.8 Critical

CVSS3