FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-6454

This CVE name corresponds to:

Entered: 2007-12-19
Topic: peercast -- buffer overflow vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type: Candidate
Name: CVE-2007-6454
Phase: Assigned (20071219)

Description

Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.

References

Source Reference
BUGTRAQ 20071217 Heap overflow in PeerCast 0.1217
MISC http://aluigi.altervista.org/adv/peercasthof-adv.txt
MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300
MISC http://bugs.gentoo.org/show_bug.cgi?id=202747
CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=202747
DEBIAN DSA-1441
DEBIAN DSA-1583
GENTOO GLSA-200801-22
BID 26899
VUPEN ADV-2007-4246
SECUNIA 28120
SECUNIA 28260
SECUNIA 28719
SECUNIA 30325
SREASON 3461
XF peercast-handshakehttp-bo(39075)