CVE-2004-0456

Published: 06/12/2004 Updated: 11/07/2017
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
VMScore: 676
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Summary

Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.

Vulnerable Product

pavuk pavuk 0.9pl28i

pavuk pavuk 0.928r1

debian debian linux 3.0

gentoo linux 1.4

gentoo linux 1.1a

gentoo linux 1.2

Vendor Advisories

Ulf Härnhammar discovered a vulnerability in pavuk, a file retrieval program, whereby an oversized HTTP 305 response sent by a malicious server could cause arbitrary code to be executed with the privileges of the pavuk process. For the current stable distribution (woody), this problem has been fixed in version 0.9pl28-1woody1. pavuk is no longer i ...