Computer Security
[EN] securityvulns.ru no-pyccku


Peercast buffer overflow
updated since 18.12.2007
Published:22.05.2008
Source:
SecurityVulns ID:8460
Type:remote
Threat Level:
6/10
Description:Buffer overflow in HTTP Basic authentication and on SOURCE header parsing.
Affected:PEERCAST : PeerCast 0.1218
CVE:CVE-2008-2040 (Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password.)
 CVE-2007-6454 (Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.)
Original documentdocumentDEB IAN, [SECURITY] [DSA 1583-1] New gnome-peercast packages fix several vulnerabilities (22.05.2008)
 documentDEBIAN, [SECURITY] [DSA 1582-1] New peercast packages fix arbitrary code execution (22.05.2008)
 documentLuigi Auriemma, Heap overflow in PeerCast 0.1217 (18.12.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod