|
|
|||
| Rule General Information |
|---|
| Release Date: | 2019-07-08 | |
| Rule Name: | PeerCast 0.1216 URL Handling Buffer Overflow (win32) Vulnerability (CVE-2006-1148) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp. | |
| Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service. | |
| Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
| Reference: | SecurityFocusBID:17040 http://security.gentoo.org/glsa/glsa-200603-17.xml http://www.infigo.hr/in_focus/INFIGO-2006-03-01 http://www.peercast.org/forum/viewtopic.php?t=3346 |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: peercast.org PeerCast v0.1217 |