Detections
Analytics

PeerCast servhs.cpp handshakeHTTP Function SOURCE Request Remote Overflow

high Nessus Plugin ID 29726

Language:

Synopsis

The remote web server is affected by a buffer overflow vulnerability.

Description

The version of PeerCast installed on the remote host fails to check the length of user-supplied data in its 'handshakeHTTP' function in 'servhs.cpp' before copying it to the 'loginPassword' and 'loginMount' heap-based buffers. An unauthenticated attacker can leverage this issue to crash the affected application or execute arbitrary code on the remote host, subject to the privileges under which PeerCast operates.

Solution

Upgrade to PeerCast version 0.1218 or later.

See Also

https://www.securityfocus.com/archive/1/485199/30/0/threaded

Plugin Details

Severity: High

ID: 29726

File Name: peercast_01218.nasl

Version: 1.14

Type: remote

Published: 12/18/2007

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:peercast:peercast

Required KB Items: PeerCast/installed

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2007-6454

BID: 26899

CWE: 119