Vulnonym.org

CVE-2008-2040 - Introspective Dozen

Description

Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680 http://www.debian.org/security/2008/dsa-1582 http://www.debian.org/security/2008/dsa-1583 http://www.securityfocus.com/bid/28986 http://secunia.com/advisories/29962 http://secunia.com/advisories/30020 http://secunia.com/advisories/30320 http://secunia.com/advisories/30325 http://security.gentoo.org/glsa/glsa-200807-11.xml http://secunia.com/advisories/31182 http://www.vupen.com/english/advisories/2008/1409/references http://www.vupen.com/english/advisories/2008/1410/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42092