CVE-2007-6454 - CVE Reference - Advisories

CVE Reference: CVE-2007-6454

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6454

Description: Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/39075 SREASON http://securityreason.com/securityalert/3461 SAID Secunia Advisory: SA30325 Secunia Advisory: SA28719 Secunia Advisory: SA28120 Secunia Advisory: SA28260 MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300 http://bugs.gentoo.org/show_bug.cgi?id=202747 http://aluigi.altervista.org/adv/peercasthof-adv.txt GENTOO http://www.gentoo.org/security/en/glsa/glsa-200801-22.xml DEBIAN http://www.debian.org/security/2007/dsa-1441 http://www.debian.org/security/2008/dsa-1583 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=202747 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/485199/100/0/threaded BID 26899

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Linux Kernel LDT Buffer Size Handling Vulnerability

2.	Drupal Session Fixation Vulnerability

3.	OpenBSD BIND Query Port DNS Cache Poisoning

4.	Red Hat update for kernel

5.	Ubuntu update for php

6.	Debian update for xulrunner

7.	IPCop update for perl

8.	Debian update for cupsys

9.	Red Hat update for thunderbird

10.	Apple Safari Cross-Domain Cookie Injection Vulnerability