CVE-2018-4013
published 2018-10-19CVE-2018-4013: An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially…
PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
9.49%
94.8th percentile
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| live555 | live555_media_server | — | — |
| live_networks | live555_media_server | — | — |
Detection & IOCsextracted from sources · hover to see the quote
snort↗
48067 - 48068
- →Detect exploitation attempts by monitoring for HTTP packets containing multiple 'Accept:' header strings targeting the RTSP-over-HTTP tunnel port(s), which trigger a stack buffer overflow in the 'lookForHeader' function. ↗
- →Detect exploitation attempts by monitoring for HTTP packets containing multiple 'x-sessioncookie' header strings targeting the RTSP-over-HTTP tunnel port(s). ↗
- →Focus inspection on the RTSP-over-HTTP tunneling functionality; the vulnerable code path is only reachable when an HTTP client negotiates the RTSP-over-HTTP tunnel on the bound HTTP port. ↗
- ·Snort rules 48067-48068 are subject to change; always pull the latest rule definitions from Firepower Management Center or Snort.org for current coverage. ↗
- ·The vulnerability is confirmed in version 0.92 but may also be present in earlier versions; scope detection/patching accordingly. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv3.010.0CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_ubuntu9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3rmx-2chr-mp38: An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0
ghsa_unreviewed·2022-05-13
CVE-2018-4013 [CRITICAL] CWE-787 GHSA-3rmx-2chr-mp38: An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.
OSV
liblivemedia vulnerabilities
osv·2021-03-15·CVSS 9.8
CVE-2018-4013 [CRITICAL] liblivemedia vulnerabilities
liblivemedia vulnerabilities
It was discovered that liveMedia incorrectly handled certain network
packets. An attacker could possibly use this issue to execute arbitrary
code. (CVE-2018-4013)
It was discovered that liveMedia incorrectly handled certain network
sessions. An attacker could possibly use this issue to cause a denial of
service. (CVE-2019-6256)
It was discovered that liveMedia incorrectly handled certain RTSP
streamings. An attacker could possiby use this issue to cause a denial of
service or other unspecified impact. (CVE-2019-7314)
It was discovered that liveMedia incorrectly handled certain requests. An
attacker could possibly use this issue to obtain sensitive information.
(CVE-2019-9215)
OSV
CVE-2018-4013: An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0
osv·2018-10-19·CVSS 9.8
CVE-2018-4013 [CRITICAL] CVE-2018-4013: An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.
Ubuntu
liveMedia vulnerabilities
vendor_ubuntu·2021-03-15·CVSS 9.8
CVE-2018-4013 [CRITICAL] liveMedia vulnerabilities
Title: liveMedia vulnerabilities
Summary: Several security issues were fixed in liveMedia.
It was discovered that liveMedia incorrectly handled certain network
packets. An attacker could possibly use this issue to execute arbitrary
code. (CVE-2018-4013)
It was discovered that liveMedia incorrectly handled certain network
sessions. An attacker could possibly use this issue to cause a denial of
service. (CVE-2019-6256)
It was discovered that liveMedia incorrectly handled certain RTSP
streamings. An attacker could possiby use this issue to cause a denial of
service or other unspecified impact. (CVE-2019-7314)
It was discovered that liveMedia incorrectly handled certain requests. An
attacker could possibly use this issue to obtain sensitive information.
(CVE-2019-9215)
Instructions: In g
No detection rules found.
Talos
Vulnerability Spotlight: Live Networks LIVE555 streaming media RTSPServer code execution vulnerability
blogs_talos·2018-10-18·CVSS 9.8
[CRITICAL] Vulnerability Spotlight: Live Networks LIVE555 streaming media RTSPServer code execution vulnerability
These vulnerabilities were discovered by Lilith Wyatt of Cisco Talos.
Cisco Talos is disclosing a code execution vulnerability that has been identified in Live Networks LIVE555 streaming media RTSPServer.
LIVE555 Streaming Media is a set of open-source C++ libraries developed by Live Networks Inc. for multimedia streaming. The libraries support open standards such as RTP/RTCP and RTSP for streaming, and can also manage video RTP payload formats such as H.264, H.265, MPEG, VP8, and DV, and audio RTP payload formats such as MPEG, AAC, AMR, AC-3 and Vorbis. It is used internally by well-known software such as VLC and MPlayer.
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library, which is not part of media players, bu
Talos
Vulnerability Spotlight: Live Networks LIVE555 streaming media RTSPServer code execution vulnerability
blogs_talos·2018-10-18·CVSS 9.8
[CRITICAL] Vulnerability Spotlight: Live Networks LIVE555 streaming media RTSPServer code execution vulnerability
## Vulnerability Spotlight: Live Networks LIVE555 streaming media RTSPServer code execution vulnerability
These vulnerabilities were discovered by Lilith Wyatt of Cisco Talos.
Cisco Talos is disclosing a code execution vulnerability that has been identified in Live Networks LIVE555 streaming media RTSPServer.
LIVE555 Streaming Media is a set of open-source C++ libraries developed by Live Networks Inc. for multimedia streaming. The libraries support open standards such as RTP/RTCP and RTSP for streaming, and can also manage video RTP payload formats such as H.264, H.265, MPEG, VP8, and DV, and audio RTP payload formats such as MPEG, AAC, AMR, AC-3 and Vorbis. It is used internally by well-known software such as VLC and MPlayer.
An exploitable code execution vulnerability exists in the H
http://lists.live555.com/pipermail/live-devel/2018-October/021071.htmlhttps://lists.debian.org/debian-lts-announce/2018/11/msg00020.htmlhttps://security.gentoo.org/glsa/202005-06https://talosintelligence.com/vulnerability_reports/TALOS-2018-0684https://www.debian.org/security/2018/dsa-4343http://lists.live555.com/pipermail/live-devel/2018-October/021071.htmlhttps://lists.debian.org/debian-lts-announce/2018/11/msg00020.htmlhttps://security.gentoo.org/glsa/202005-06https://talosintelligence.com/vulnerability_reports/TALOS-2018-0684https://www.debian.org/security/2018/dsa-4343
2018-10-19
Published