Bug 203536 - media-video/fenice Multiple vulnerabilities (CVE-2007-{6626,6627,6628,6629,6630})
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High enhancement
Assignee: Gentoo Security
URL: http://www.securityfocus.com/archive/...
Whiteboard: ~1? [removed noglsa]
Keywords: PMASKED
Depends on:
Blocks:
 
Reported: 2007-12-28 01:34 UTC by Robert Buchholz (RETIRED)
Modified: 2008-12-12 12:09 UTC

See Also:
Package list:
Runtime testing required: ---


Description Robert Buchholz (RETIRED) gentoo-dev 2007-12-28 01:34:07 UTC
Luigi Auriemma discovered multiple vulnerabilities in Feng, some of which might affect fenice, as feng was based on the fenice codebase (so it looks).
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2007-12-28 01:38:50 UTC
See comments in bug 203532.
Comment 2 Luca Barbato gentoo-dev 2007-12-28 02:32:27 UTC
as said in the other bug: mask && kill them
Comment 3 Robert Buchholz (RETIRED) gentoo-dev 2008-01-04 23:56:46 UTC
CVE-2007-6626:
         Multiple buffer overflows in the RTSP_valid_response_msg function in
         RTSP_state_machine.c in LScube Feng 0.1.15 and earlier allow remote
         attackers to execute arbitrary code via (1) a long first line of a
         response, as demonstrated by a long VER line; or (2) a long second
         line of a response, as demonstrated by a message that follows a RETURN
         line.
CVE-2007-6627:
         Integer overflow in the RTSP_remove_msg function in RTSP_lowlevel.c in
         LScube Feng 0.1.15 and earlier allows remote attackers to cause a
         denial of service (crash) and possibly execute arbitrary code via an
         RTP packet with a size value of 0xffff.
CVE-2007-6628:
         LScube Feng 0.1.15 and earlier allows remote attackers to cause a
         denial of service (NULL dereference and daemon crash) via (1) a
         malformed Transport header, which triggers misparsing in
         parse_transport_header in RTSP_setup.c, as demonstrated by a Transport
         header that contains only a "RTP/AVP;unicast;client_port" sequence; or
         (2) a malformed Range header, which triggers misparsing in
         parse_play_time_range in RTSP_Play, as demonstrated by an empty Range
         header.
CVE-2007-6629:
         Interpretation conflict in LScube Feng 0.1.15 and earlier allows
         remote attackers to cause a denial of service (NULL dereference and
         daemon crash) via a User-Agent header line that contains a
         carriage-return character, which is considered a line delimiter when
         the header is split into individual lines, but not when log_user_agent
         in RTSP_utils.c parses the content of the User-Agent line.
CVE-2007-6630:
         The Url_init function in utils/url.c in Netembryo 0.0.4, when used by
         LScube Feng, allows remote attackers to cause a denial of service
         (NULL dereference and daemon crash) via a malformed URI containing a
         "/:" sequence, as demonstrated by a "DESCRIBE /: RTSP/1.0" request.
Comment 4 Robert Buchholz (RETIRED) gentoo-dev 2008-01-04 23:57:47 UTC
Luca, will you go ahead on the masking?
Comment 5 Luca Barbato gentoo-dev 2008-01-05 00:48:38 UTC
Masked 
Comment 6 Matthias Geerdsen (RETIRED) gentoo-dev 2008-07-13 00:48:35 UTC
this has been masked for a half year now... might be time to remove it
Comment 7 Samuli Suominen (RETIRED) gentoo-dev 2008-12-12 11:46:26 UTC
Security, this pkg is no longer in portage tree. Please close this bug the way you want.

+  12 Dec 2008; <ssuominen@gentoo.org> package.mask:
+  Removing nemesi and fenice, masked since 05 Jan 2008 for security issues.
+  They are also deprecated and replaced by libnemesi and feng.
Comment 8 Robert Buchholz (RETIRED) gentoo-dev 2008-12-12 12:09:09 UTC
Thanks for the notification, closing as this was ~arch only.
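
An added example, not part of this bug report and not Feng's or fenice's code: CVE-2007-6629 in comment 3 describes two parsing stages that disagree on whether a carriage return ends a header line. The sketch below shows the defensive pattern, in which one function defines the line end, both the splitter and the value parser use it, and a missing header or an oversized value is returned as an error code. The names `line_len` and `header_value` and the sample request are hypothetical.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Single definition of "end of header line": the first CR or LF.
   The splitter and the value parser both call it, so they cannot disagree. */
static size_t line_len(const char *p, size_t n)
{
    size_t i = 0;
    while (i < n && p[i] != '\r' && p[i] != '\n')
        i++;
    return i;
}

/* Copy the value of header `name` into out.
   Returns 0 on success, -1 if the header is absent, -2 if it does not fit. */
int header_value(const char *msg, size_t n, const char *name,
                 char *out, size_t outsz)
{
    size_t nlen = strlen(name), pos = 0;
    while (pos < n) {
        const char *line = msg + pos;
        size_t len = line_len(line, n - pos);
        if (len == 0)
            return -1;                      /* blank line: end of headers */
        if (len > nlen && line[nlen] == ':' &&
            strncasecmp(line, name, nlen) == 0) {
            const char *v = line + nlen + 1;
            size_t vlen = len - nlen - 1;
            while (vlen > 0 && (*v == ' ' || *v == '\t')) { v++; vlen--; }
            if (vlen >= outsz)
                return -2;                  /* reject, never overflow out */
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return 0;
        }
        pos += len;                         /* skip CRLF, bare CR or bare LF */
        if (pos < n && msg[pos] == '\r') pos++;
        if (pos < n && msg[pos] == '\n') pos++;
    }
    return -1;
}

int main(void)
{
    /* Constructed request: the User-Agent value contains a bare CR. */
    const char req[] = "DESCRIBE rtsp://example.invalid/a RTSP/1.0\r\n"
                       "User-Agent: player\rX\r\n\r\n";
    char ua[64];
    int rc = header_value(req, sizeof req - 1, "User-Agent", ua, sizeof ua);
    printf("rc=%d ua=%s\n", rc, rc == 0 ? ua : "(none)");
    return 0;
}
```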