Luigi Auriemma discovered that PeerCast, a P2P audio and video streaming server, is vulnerable to a heap overflow in the HTTP server code, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request. The old stable distribution (sarge) does not contain peercast. For the stable distribution (etch), this problem has been fixed in version 0.1217.toots.20060314-1etch0. For the unstable distribution (sid), this problem has been fixed in version 0.1218+svn20071220+2. We recommend that you upgrade your peercast packages.
Luigi Auriemma discovered that PeerCast, a P2P audio and video streaming server, is vulnerable to a heap overflow in the HTTP server code, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.
The old stable distribution (sarge) does not contain peercast.
For the stable distribution (etch), this problem has been fixed in version 0.1217.toots.20060314-1etch0.
For the unstable distribution (sid), this problem has been fixed in version 0.1218+svn20071220+2.
We recommend that you upgrade your peercast packages.
MD5 checksums of the listed files are available in the original advisory.