PeerCast < 0.1217 procConnectArgs Function Remote Overflow

high Nessus Network Monitor Plugin ID 3468

Synopsis

The remote web server suffers from a buffer overflow vulnerability.

Description

The version of PeerCast installed on the remote host copies the supplied option string without limit into a finite-size buffer. An unauthenticated attacker can leverage this issue to crash the affected application and possibly to execute arbitrary code on the remote host subject to the privileges of the user running PeerCast.

Solution

Upgrade to version 0.1217 or higher.

See Also

http://www.securityfocus.com/archive/1/427160/30/0/threaded

http://www.peercast.org/forum/viewtopic.php?t=3346

Plugin Details

Severity: High

ID: 3468

Family: Web Servers

Published: 3/9/2006

Updated: 3/6/2019

Nessus ID: 21041

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:peercast:peercast

Exploitable With

Core Impact

Metasploit (PeerCast <= 0.1216 URL Handling Buffer Overflow (linux))

Reference Information

CVE: CVE-2006-1148

BID: 17040