Several remote vulnerabilities have been discovered in GNOME PeerCast, the GNOME interface to PeerCast, a P2P audio and video streaming server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-6454 Luigi Auriemma discovered that PeerCast is vulnerable to a heap overflow in the HTTP server code, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request. CVE-2008-2040 Nico Golde discovered that PeerCast, a P2P audio and video streaming server, is vulnerable to a buffer overflow in the HTTP Basic Authentication code, allowing a remote attacker to crash PeerCast or execute arbitrary code. For the stable distribution (etch), these problems have been fixed in version 0.5.4-1.1etch0. gnome-peercast has been removed from the unstable distribution (sid). We recommend that you upgrade your gnome-peercast package.
Several remote vulnerabilities have been discovered in GNOME PeerCast, the GNOME interface to PeerCast, a P2P audio and video streaming server. The Common Vulnerabilities and Exposures project identifies the following problems:
Luigi Auriemma discovered that PeerCast is vulnerable to a heap overflow in the HTTP server code, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.
Nico Golde discovered that PeerCast, a P2P audio and video streaming server, is vulnerable to a buffer overflow in the HTTP Basic Authentication code, allowing a remote attacker to crash PeerCast or execute arbitrary code.
For the stable distribution (etch), these problems have been fixed in version 0.5.4-1.1etch0.
gnome-peercast has been removed from the unstable distribution (sid).
We recommend that you upgrade your gnome-peercast package.
MD5 checksums of the listed files are available in the original advisory.