Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2007-6454

Published: 20/12/2007 Updated: 15/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Peercast

Vulnerability Summary

Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and previous versions, and SVN 344 and previous versions, allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.

Vulnerable Product Search on Vulmon Subscribe to Product

peercast peercast 0.1211

peercast peercast 0.1212

peercast peercast

peercast peercast 0.1215

Vendor Advisories

Debian Security Advisories: DSA-1583-1 gnome-peercast -- buffer overflow
Several remote vulnerabilities have been discovered in GNOME PeerCast, the GNOME interface to PeerCast, a P2P audio and video streaming server The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-6454 Luigi Auriemma discovered that PeerCast is vulnerable to a heap overflow in the HTTP server code, w ...
Debian Security Advisories: DSA-1441-1 peercast -- buffer overflow
Luigi Auriemma discovered that PeerCast, a P2P audio and video streaming server, is vulnerable to a heap overflow in the HTTP server code, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request The old stable distribution (sarge) does not contain peercast For the stable distrib ...

Exploits

Exploit DB: PeerCast 0.12 - HandshakeHTTP Multiple Buffer Overflow Vulnerabilities
source: wwwsecurityfocuscom/bid/26899/info PeerCast is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied input before copying it to an insufficiently sized buffer Successfully exploiting these issues will allow an attacker to execute arbitrary code with the privileges of the user ...

References

CWE-119http://aluigi.altervista.org/adv/peercasthof-adv.txthttp://www.securityfocus.com/bid/26899http://secunia.com/advisories/28120http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300http://www.debian.org/security/2007/dsa-1441http://secunia.com/advisories/28260http://www.gentoo.org/security/en/glsa/glsa-200801-22.xmlhttp://secunia.com/advisories/28719http://securityreason.com/securityalert/3461http://www.debian.org/security/2008/dsa-1583http://secunia.com/advisories/30325http://www.vupen.com/english/advisories/2007/4246http://bugs.gentoo.org/show_bug.cgi?id=202747https://exchange.xforce.ibmcloud.com/vulnerabilities/39075http://www.securityfocus.com/archive/1/485199/100/0/threadedhttps://nvd.nist.govhttps://www.debian.org/security/./dsa-1583https://www.exploit-db.com/exploits/30894/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook