CVE-2016-6271

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
5
MEDIUM
Affected
2
PROJECTS

Description

The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle attackers to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception.

BelledonneCommunications/bzrtp
BelledonneCommunications/bzrtp
Linphone.org mirror for bzrtp (git://git.linphone.org/bzrtp.git)
GitHubGitHub
15
gteissier/CVE-2016-6271
gteissier/CVE-2016-6271
Proof of concept for ZRTP man-in-the-middle
GitHubGitHub
5