10
CVSSv2

CVE-2008-0550

Published: 01/02/2008 Updated: 08/08/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Off-by-one error in Steamcast 0.9.75 and previous versions allows remote malicious users to cause a denial of service (daemon crash) or execute arbitrary code via a certain HTTP request that leads to a buffer overflow, as demonstrated by a long User-Agent header.

Vulnerable Product Search on Vulmon Subscribe to Product

radio toolbox steamcast

Exploits

## # $Id: steamcast_useragentrb 9488 2010-06-11 16:12:05Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' c ...

Metasploit Modules

Streamcast HTTP User-Agent Buffer Overflow

This module exploits a stack buffer overflow in Streamcast <= 0.9.75. By sending an overly long User-Agent in an HTTP GET request, an attacker may be able to execute arbitrary code.

msf > use exploit/windows/http/steamcast_useragent
      msf exploit(steamcast_useragent) > show targets
            ...targets...
      msf exploit(steamcast_useragent) > set TARGET <target-id>
      msf exploit(steamcast_useragent) > show options
            ...show and set options...
      msf exploit(steamcast_useragent) > exploit