Published: 18/01/2017 Updated: 03/08/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

The Bzrtp library (aka libbzrtp) 1.0.x prior to 1.0.4 allows man-in-the-middle malicious users to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception.

Vulnerable Product	Search on Vulmon	Subscribe to Product
bzrtp project bzrtp 1.0.2
bzrtp project bzrtp 1.0.3
bzrtp project bzrtp 1.0.0

Debian Bug report logs - #859277 bzrtp: CVE-2016-6271: missing HVI check on DHPart2 packet reception Package: src:bzrtp; Maintainer for src:bzrtp is Debian VoIP Team <pkg-voip-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 1 Apr 2017 17:30:01 UTC Severity: impo ...

Proof of concept for ZRTP man-in-the-middle

CVE-2016-6271 CVE-2016-6271 impacts libbzrtp, which is a ZRTP library developped by Belledonne Communications This library is embedded in end-user applications, for example linphone, which is available as an Android app on Play store Current version 327 embeds a version of libbzrtp shall not be vulnerable to CVE-2016-6271 TLDR; Build vulnerable ZRTP agent cd vulnerable-b

CWE-254 https://github.com/BelledonneCommunications/bzrtp/commit/bbb1e6e2f467ee4bd7b9a8c800e4f07343d7d99b http://www.securityfocus.com/bid/95928 https://github.com/gteissier/CVE-2016-6271 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859277 https://nvd.nist.gov https://github.com/gteissier/CVE-2016-6271

CVE-2016-6271

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect