Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities by peercast
CVE-2008-2040 (GCVE-0-2008-2040)
Vulnerability from nvd – Published: 2008-04-30 15:00 – Updated: 2024-08-07 08:49
VLAI
Summary
Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
14 references
Date Public
2008-04-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:49:56.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200807-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200807-11.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680"
},
{
"name": "30020",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30020"
},
{
"name": "DSA-1583",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1583"
},
{
"name": "30325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573"
},
{
"name": "29962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29962"
},
{
"name": "peercast-httpgetauthuserpass-bo(42092)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42092"
},
{
"name": "DSA-1582",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1582"
},
{
"name": "ADV-2008-1410",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1410/references"
},
{
"name": "30320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30320"
},
{
"name": "31182",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31182"
},
{
"name": "ADV-2008-1409",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1409/references"
},
{
"name": "28986",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28986"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200807-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200807-11.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680"
},
{
"name": "30020",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30020"
},
{
"name": "DSA-1583",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1583"
},
{
"name": "30325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573"
},
{
"name": "29962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29962"
},
{
"name": "peercast-httpgetauthuserpass-bo(42092)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42092"
},
{
"name": "DSA-1582",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1582"
},
{
"name": "ADV-2008-1410",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1410/references"
},
{
"name": "30320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30320"
},
{
"name": "31182",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31182"
},
{
"name": "ADV-2008-1409",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1409/references"
},
{
"name": "28986",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28986"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200807-11",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200807-11.xml"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680"
},
{
"name": "30020",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30020"
},
{
"name": "DSA-1583",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1583"
},
{
"name": "30325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30325"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573"
},
{
"name": "29962",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29962"
},
{
"name": "peercast-httpgetauthuserpass-bo(42092)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42092"
},
{
"name": "DSA-1582",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1582"
},
{
"name": "ADV-2008-1410",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1410/references"
},
{
"name": "30320",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30320"
},
{
"name": "31182",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31182"
},
{
"name": "ADV-2008-1409",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1409/references"
},
{
"name": "28986",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28986"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2040",
"datePublished": "2008-04-30T15:00:00.000Z",
"dateReserved": "2008-04-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:49:56.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6454 (GCVE-0-2007-6454)
Vulnerability from nvd – Published: 2007-12-20 00:00 – Updated: 2024-08-07 16:11
VLAI
Summary
Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
15 references
Date Public
2007-12-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:04.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200801-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200801-22.xml"
},
{
"name": "26899",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26899"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202747"
},
{
"name": "28719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28719"
},
{
"name": "peercast-handshakehttp-bo(39075)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39075"
},
{
"name": "DSA-1583",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1583"
},
{
"name": "28120",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28120"
},
{
"name": "30325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30325"
},
{
"name": "20071217 Heap overflow in PeerCast 0.1217",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/485199/100/0/threaded"
},
{
"name": "28260",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28260"
},
{
"name": "DSA-1441",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1441"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202747"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/peercasthof-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300"
},
{
"name": "ADV-2007-4246",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4246"
},
{
"name": "3461",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3461"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200801-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200801-22.xml"
},
{
"name": "26899",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26899"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202747"
},
{
"name": "28719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28719"
},
{
"name": "peercast-handshakehttp-bo(39075)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39075"
},
{
"name": "DSA-1583",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1583"
},
{
"name": "28120",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28120"
},
{
"name": "30325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30325"
},
{
"name": "20071217 Heap overflow in PeerCast 0.1217",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/485199/100/0/threaded"
},
{
"name": "28260",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28260"
},
{
"name": "DSA-1441",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1441"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202747"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/peercasthof-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300"
},
{
"name": "ADV-2007-4246",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4246"
},
{
"name": "3461",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3461"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6454",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200801-22",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200801-22.xml"
},
{
"name": "26899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26899"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=202747",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202747"
},
{
"name": "28719",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28719"
},
{
"name": "peercast-handshakehttp-bo(39075)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39075"
},
{
"name": "DSA-1583",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1583"
},
{
"name": "28120",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28120"
},
{
"name": "30325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30325"
},
{
"name": "20071217 Heap overflow in PeerCast 0.1217",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485199/100/0/threaded"
},
{
"name": "28260",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28260"
},
{
"name": "DSA-1441",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1441"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=202747",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202747"
},
{
"name": "http://aluigi.altervista.org/adv/peercasthof-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/peercasthof-adv.txt"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300"
},
{
"name": "ADV-2007-4246",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4246"
},
{
"name": "3461",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3461"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6454",
"datePublished": "2007-12-20T00:00:00.000Z",
"dateReserved": "2007-12-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:11:04.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3087 (GCVE-0-2007-3087)
Vulnerability from nvd – Published: 2007-06-06 10:00 – Updated: 2024-08-07 14:05
VLAI
Summary
Peercast places a cleartext password in a query string, which might allow attackers to obtain sensitive information by sniffing the network, or obtaining Referer or browser history information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://osvdb.org/42055 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/470455/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/2774 | third-party-advisoryx_refsource_SREASON |
Date Public
2007-06-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:05:29.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42055"
},
{
"name": "peercast-password-information-disclosure(34713)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34713"
},
{
"name": "20070604 2007-06-03: PeerCast streaming server submits cleartext password",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/470455/100/0/threaded"
},
{
"name": "2774",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2774"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Peercast places a cleartext password in a query string, which might allow attackers to obtain sensitive information by sniffing the network, or obtaining Referer or browser history information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42055"
},
{
"name": "peercast-password-information-disclosure(34713)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34713"
},
{
"name": "20070604 2007-06-03: PeerCast streaming server submits cleartext password",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/470455/100/0/threaded"
},
{
"name": "2774",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2774"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Peercast places a cleartext password in a query string, which might allow attackers to obtain sensitive information by sniffing the network, or obtaining Referer or browser history information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42055",
"refsource": "OSVDB",
"url": "http://osvdb.org/42055"
},
{
"name": "peercast-password-information-disclosure(34713)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34713"
},
{
"name": "20070604 2007-06-03: PeerCast streaming server submits cleartext password",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470455/100/0/threaded"
},
{
"name": "2774",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2774"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3087",
"datePublished": "2007-06-06T10:00:00.000Z",
"dateReserved": "2007-06-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:05:29.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1148 (GCVE-0-2006-1148)
Vulnerability from nvd – Published: 2006-03-10 11:00 – Updated: 2024-08-07 17:03
VLAI
Summary
Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/17040 | vdb-entryx_refsource_BID |
| http://security.gentoo.org/glsa/glsa-200603-17.xml | vendor-advisoryx_refsource_GENTOO |
| http://www.vupen.com/english/advisories/2006/0900 | vdb-entryx_refsource_VUPEN |
| http://www.infigo.hr/in_focus/INFIGO-2006-03-01 | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/427160/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/23777 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/19291 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/19169 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.peercast.org/forum/viewtopic.php?t=3346 | x_refsource_CONFIRM |
Date Public
2006-03-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:27.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17040",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17040"
},
{
"name": "GLSA-200603-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200603-17.xml"
},
{
"name": "ADV-2006-0900",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0900"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.infigo.hr/in_focus/INFIGO-2006-03-01"
},
{
"name": "20060309 INFIGO-2006-03-01: PeerCast streaming server remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427160/100/0/threaded"
},
{
"name": "23777",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23777"
},
{
"name": "19291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19291"
},
{
"name": "19169",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19169"
},
{
"name": "peercast-url-bo(25113)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25113"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.peercast.org/forum/viewtopic.php?t=3346"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17040",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17040"
},
{
"name": "GLSA-200603-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200603-17.xml"
},
{
"name": "ADV-2006-0900",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0900"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.infigo.hr/in_focus/INFIGO-2006-03-01"
},
{
"name": "20060309 INFIGO-2006-03-01: PeerCast streaming server remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/427160/100/0/threaded"
},
{
"name": "23777",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23777"
},
{
"name": "19291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19291"
},
{
"name": "19169",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19169"
},
{
"name": "peercast-url-bo(25113)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25113"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.peercast.org/forum/viewtopic.php?t=3346"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1148",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17040"
},
{
"name": "GLSA-200603-17",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200603-17.xml"
},
{
"name": "ADV-2006-0900",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0900"
},
{
"name": "http://www.infigo.hr/in_focus/INFIGO-2006-03-01",
"refsource": "MISC",
"url": "http://www.infigo.hr/in_focus/INFIGO-2006-03-01"
},
{
"name": "20060309 INFIGO-2006-03-01: PeerCast streaming server remote buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427160/100/0/threaded"
},
{
"name": "23777",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23777"
},
{
"name": "19291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19291"
},
{
"name": "19169",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19169"
},
{
"name": "peercast-url-bo(25113)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25113"
},
{
"name": "http://www.peercast.org/forum/viewtopic.php?t=3346",
"refsource": "CONFIRM",
"url": "http://www.peercast.org/forum/viewtopic.php?t=3346"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1148",
"datePublished": "2006-03-10T11:00:00.000Z",
"dateReserved": "2006-03-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:03:27.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1806 (GCVE-0-2005-1806)
Vulnerability from nvd – Published: 2005-06-01 04:00 – Updated: 2024-08-07 22:06
VLAI
Summary
Format string vulnerability in PeerCast 0.1211 and earlier allows remote attackers to execute arbitrary code via format strings in the URL.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.gentoo.org/security/en/glsa/glsa-20050… | vendor-advisoryx_refsource_GENTOO |
| http://secunia.com/advisories/15753 | third-party-advisoryx_refsource_SECUNIA |
| http://marc.info/?l=bugtraq&m=111746603629979&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.gulftech.org/?node=research&article_id… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2005/0651 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/15536 | third-party-advisoryx_refsource_SECUNIA |
| http://www.peercast.org/forum/viewtopic.php?p=11596 | x_refsource_CONFIRM |
Date Public
2005-05-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200506-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200506-15.xml"
},
{
"name": "15753",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15753"
},
{
"name": "20050528 Format String Vulnerability In Peercast 0.1211 And Earlier",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111746603629979\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00077-05282005"
},
{
"name": "ADV-2005-0651",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/0651"
},
{
"name": "15536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15536"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.peercast.org/forum/viewtopic.php?p=11596"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in PeerCast 0.1211 and earlier allows remote attackers to execute arbitrary code via format strings in the URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200506-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200506-15.xml"
},
{
"name": "15753",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15753"
},
{
"name": "20050528 Format String Vulnerability In Peercast 0.1211 And Earlier",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111746603629979\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00077-05282005"
},
{
"name": "ADV-2005-0651",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/0651"
},
{
"name": "15536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15536"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.peercast.org/forum/viewtopic.php?p=11596"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1806",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in PeerCast 0.1211 and earlier allows remote attackers to execute arbitrary code via format strings in the URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200506-15",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200506-15.xml"
},
{
"name": "15753",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15753"
},
{
"name": "20050528 Format String Vulnerability In Peercast 0.1211 And Earlier",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111746603629979\u0026w=2"
},
{
"name": "http://www.gulftech.org/?node=research\u0026article_id=00077-05282005",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research\u0026article_id=00077-05282005"
},
{
"name": "ADV-2005-0651",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/0651"
},
{
"name": "15536",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15536"
},
{
"name": "http://www.peercast.org/forum/viewtopic.php?p=11596",
"refsource": "CONFIRM",
"url": "http://www.peercast.org/forum/viewtopic.php?p=11596"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1806",
"datePublished": "2005-06-01T04:00:00.000Z",
"dateReserved": "2005-06-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:06:57.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2040 (GCVE-0-2008-2040)
Vulnerability from cvelistv5 – Published: 2008-04-30 15:00 – Updated: 2024-08-07 08:49
VLAI
Summary
Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
14 references
Date Public
2008-04-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:49:56.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200807-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200807-11.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680"
},
{
"name": "30020",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30020"
},
{
"name": "DSA-1583",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1583"
},
{
"name": "30325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573"
},
{
"name": "29962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29962"
},
{
"name": "peercast-httpgetauthuserpass-bo(42092)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42092"
},
{
"name": "DSA-1582",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1582"
},
{
"name": "ADV-2008-1410",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1410/references"
},
{
"name": "30320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30320"
},
{
"name": "31182",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31182"
},
{
"name": "ADV-2008-1409",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1409/references"
},
{
"name": "28986",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28986"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200807-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200807-11.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680"
},
{
"name": "30020",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30020"
},
{
"name": "DSA-1583",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1583"
},
{
"name": "30325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573"
},
{
"name": "29962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29962"
},
{
"name": "peercast-httpgetauthuserpass-bo(42092)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42092"
},
{
"name": "DSA-1582",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1582"
},
{
"name": "ADV-2008-1410",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1410/references"
},
{
"name": "30320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30320"
},
{
"name": "31182",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31182"
},
{
"name": "ADV-2008-1409",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1409/references"
},
{
"name": "28986",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28986"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200807-11",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200807-11.xml"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680"
},
{
"name": "30020",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30020"
},
{
"name": "DSA-1583",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1583"
},
{
"name": "30325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30325"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573"
},
{
"name": "29962",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29962"
},
{
"name": "peercast-httpgetauthuserpass-bo(42092)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42092"
},
{
"name": "DSA-1582",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1582"
},
{
"name": "ADV-2008-1410",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1410/references"
},
{
"name": "30320",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30320"
},
{
"name": "31182",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31182"
},
{
"name": "ADV-2008-1409",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1409/references"
},
{
"name": "28986",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28986"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2040",
"datePublished": "2008-04-30T15:00:00.000Z",
"dateReserved": "2008-04-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:49:56.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6454 (GCVE-0-2007-6454)
Vulnerability from cvelistv5 – Published: 2007-12-20 00:00 – Updated: 2024-08-07 16:11
VLAI
Summary
Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
15 references
Date Public
2007-12-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:04.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200801-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200801-22.xml"
},
{
"name": "26899",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26899"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202747"
},
{
"name": "28719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28719"
},
{
"name": "peercast-handshakehttp-bo(39075)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39075"
},
{
"name": "DSA-1583",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1583"
},
{
"name": "28120",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28120"
},
{
"name": "30325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30325"
},
{
"name": "20071217 Heap overflow in PeerCast 0.1217",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/485199/100/0/threaded"
},
{
"name": "28260",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28260"
},
{
"name": "DSA-1441",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1441"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202747"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/peercasthof-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300"
},
{
"name": "ADV-2007-4246",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4246"
},
{
"name": "3461",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3461"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200801-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200801-22.xml"
},
{
"name": "26899",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26899"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202747"
},
{
"name": "28719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28719"
},
{
"name": "peercast-handshakehttp-bo(39075)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39075"
},
{
"name": "DSA-1583",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1583"
},
{
"name": "28120",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28120"
},
{
"name": "30325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30325"
},
{
"name": "20071217 Heap overflow in PeerCast 0.1217",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/485199/100/0/threaded"
},
{
"name": "28260",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28260"
},
{
"name": "DSA-1441",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1441"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202747"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/peercasthof-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300"
},
{
"name": "ADV-2007-4246",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4246"
},
{
"name": "3461",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3461"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6454",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200801-22",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200801-22.xml"
},
{
"name": "26899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26899"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=202747",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202747"
},
{
"name": "28719",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28719"
},
{
"name": "peercast-handshakehttp-bo(39075)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39075"
},
{
"name": "DSA-1583",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1583"
},
{
"name": "28120",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28120"
},
{
"name": "30325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30325"
},
{
"name": "20071217 Heap overflow in PeerCast 0.1217",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485199/100/0/threaded"
},
{
"name": "28260",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28260"
},
{
"name": "DSA-1441",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1441"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=202747",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202747"
},
{
"name": "http://aluigi.altervista.org/adv/peercasthof-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/peercasthof-adv.txt"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300"
},
{
"name": "ADV-2007-4246",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4246"
},
{
"name": "3461",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3461"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6454",
"datePublished": "2007-12-20T00:00:00.000Z",
"dateReserved": "2007-12-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:11:04.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3087 (GCVE-0-2007-3087)
Vulnerability from cvelistv5 – Published: 2007-06-06 10:00 – Updated: 2024-08-07 14:05
VLAI
Summary
Peercast places a cleartext password in a query string, which might allow attackers to obtain sensitive information by sniffing the network, or obtaining Referer or browser history information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://osvdb.org/42055 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/470455/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/2774 | third-party-advisoryx_refsource_SREASON |
Date Public
2007-06-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:05:29.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42055"
},
{
"name": "peercast-password-information-disclosure(34713)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34713"
},
{
"name": "20070604 2007-06-03: PeerCast streaming server submits cleartext password",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/470455/100/0/threaded"
},
{
"name": "2774",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2774"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Peercast places a cleartext password in a query string, which might allow attackers to obtain sensitive information by sniffing the network, or obtaining Referer or browser history information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42055"
},
{
"name": "peercast-password-information-disclosure(34713)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34713"
},
{
"name": "20070604 2007-06-03: PeerCast streaming server submits cleartext password",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/470455/100/0/threaded"
},
{
"name": "2774",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2774"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Peercast places a cleartext password in a query string, which might allow attackers to obtain sensitive information by sniffing the network, or obtaining Referer or browser history information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42055",
"refsource": "OSVDB",
"url": "http://osvdb.org/42055"
},
{
"name": "peercast-password-information-disclosure(34713)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34713"
},
{
"name": "20070604 2007-06-03: PeerCast streaming server submits cleartext password",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470455/100/0/threaded"
},
{
"name": "2774",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2774"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3087",
"datePublished": "2007-06-06T10:00:00.000Z",
"dateReserved": "2007-06-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:05:29.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1148 (GCVE-0-2006-1148)
Vulnerability from cvelistv5 – Published: 2006-03-10 11:00 – Updated: 2024-08-07 17:03
VLAI
Summary
Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/17040 | vdb-entryx_refsource_BID |
| http://security.gentoo.org/glsa/glsa-200603-17.xml | vendor-advisoryx_refsource_GENTOO |
| http://www.vupen.com/english/advisories/2006/0900 | vdb-entryx_refsource_VUPEN |
| http://www.infigo.hr/in_focus/INFIGO-2006-03-01 | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/427160/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/23777 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/19291 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/19169 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.peercast.org/forum/viewtopic.php?t=3346 | x_refsource_CONFIRM |
Date Public
2006-03-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:27.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17040",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17040"
},
{
"name": "GLSA-200603-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200603-17.xml"
},
{
"name": "ADV-2006-0900",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0900"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.infigo.hr/in_focus/INFIGO-2006-03-01"
},
{
"name": "20060309 INFIGO-2006-03-01: PeerCast streaming server remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427160/100/0/threaded"
},
{
"name": "23777",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23777"
},
{
"name": "19291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19291"
},
{
"name": "19169",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19169"
},
{
"name": "peercast-url-bo(25113)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25113"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.peercast.org/forum/viewtopic.php?t=3346"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17040",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17040"
},
{
"name": "GLSA-200603-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200603-17.xml"
},
{
"name": "ADV-2006-0900",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0900"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.infigo.hr/in_focus/INFIGO-2006-03-01"
},
{
"name": "20060309 INFIGO-2006-03-01: PeerCast streaming server remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/427160/100/0/threaded"
},
{
"name": "23777",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23777"
},
{
"name": "19291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19291"
},
{
"name": "19169",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19169"
},
{
"name": "peercast-url-bo(25113)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25113"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.peercast.org/forum/viewtopic.php?t=3346"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1148",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17040"
},
{
"name": "GLSA-200603-17",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200603-17.xml"
},
{
"name": "ADV-2006-0900",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0900"
},
{
"name": "http://www.infigo.hr/in_focus/INFIGO-2006-03-01",
"refsource": "MISC",
"url": "http://www.infigo.hr/in_focus/INFIGO-2006-03-01"
},
{
"name": "20060309 INFIGO-2006-03-01: PeerCast streaming server remote buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427160/100/0/threaded"
},
{
"name": "23777",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23777"
},
{
"name": "19291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19291"
},
{
"name": "19169",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19169"
},
{
"name": "peercast-url-bo(25113)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25113"
},
{
"name": "http://www.peercast.org/forum/viewtopic.php?t=3346",
"refsource": "CONFIRM",
"url": "http://www.peercast.org/forum/viewtopic.php?t=3346"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1148",
"datePublished": "2006-03-10T11:00:00.000Z",
"dateReserved": "2006-03-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:03:27.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1806 (GCVE-0-2005-1806)
Vulnerability from cvelistv5 – Published: 2005-06-01 04:00 – Updated: 2024-08-07 22:06
VLAI
Summary
Format string vulnerability in PeerCast 0.1211 and earlier allows remote attackers to execute arbitrary code via format strings in the URL.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.gentoo.org/security/en/glsa/glsa-20050… | vendor-advisoryx_refsource_GENTOO |
| http://secunia.com/advisories/15753 | third-party-advisoryx_refsource_SECUNIA |
| http://marc.info/?l=bugtraq&m=111746603629979&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.gulftech.org/?node=research&article_id… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2005/0651 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/15536 | third-party-advisoryx_refsource_SECUNIA |
| http://www.peercast.org/forum/viewtopic.php?p=11596 | x_refsource_CONFIRM |
Date Public
2005-05-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200506-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200506-15.xml"
},
{
"name": "15753",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15753"
},
{
"name": "20050528 Format String Vulnerability In Peercast 0.1211 And Earlier",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111746603629979\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00077-05282005"
},
{
"name": "ADV-2005-0651",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/0651"
},
{
"name": "15536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15536"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.peercast.org/forum/viewtopic.php?p=11596"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in PeerCast 0.1211 and earlier allows remote attackers to execute arbitrary code via format strings in the URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200506-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200506-15.xml"
},
{
"name": "15753",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15753"
},
{
"name": "20050528 Format String Vulnerability In Peercast 0.1211 And Earlier",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111746603629979\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00077-05282005"
},
{
"name": "ADV-2005-0651",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/0651"
},
{
"name": "15536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15536"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.peercast.org/forum/viewtopic.php?p=11596"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1806",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in PeerCast 0.1211 and earlier allows remote attackers to execute arbitrary code via format strings in the URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200506-15",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200506-15.xml"
},
{
"name": "15753",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15753"
},
{
"name": "20050528 Format String Vulnerability In Peercast 0.1211 And Earlier",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111746603629979\u0026w=2"
},
{
"name": "http://www.gulftech.org/?node=research\u0026article_id=00077-05282005",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research\u0026article_id=00077-05282005"
},
{
"name": "ADV-2005-0651",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/0651"
},
{
"name": "15536",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15536"
},
{
"name": "http://www.peercast.org/forum/viewtopic.php?p=11596",
"refsource": "CONFIRM",
"url": "http://www.peercast.org/forum/viewtopic.php?p=11596"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1806",
"datePublished": "2005-06-01T04:00:00.000Z",
"dateReserved": "2005-06-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:06:57.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}