Lucene search
FreeBSD76904DCE-CCF3-11D8-BABB-000854D03344HistoryJun 30, 2004 - 12:00 a.m.
Pavuk HTTP Location header overflow
2004-06-3000:00:00
vuxml.freebsd.org
12
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.004 Low
EPSS
Percentile
73.9%
When pavuk sends a request to a web server and the server
sends back the HTTP status code 305 (Use Proxy), pavuk
copies data from the HTTP Location header in an unsafe
manner. This leads to a stack-based buffer overflow with
control over EIP.
Related
nessus
nessus
GLSA-200406-22 : Pavuk: Remote buffer overflow
2004-08-30 00:00:00
FreeBSD : Pavuk HTTP Location header overflow (137)
2004-07-06 00:00:00
debiancve
debiancve
CVE-2004-0456
2004-12-06 05:00:00
openvas
openvas
Debian: Security Advisory (DSA-527)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200411-19 (pavuk)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200406-22 (Pavuk)
2008-09-24 00:00:00
securityvulns
securityvulns
[ GLSA 200411-19 ] Pavuk: Multiple buffer overflows
2004-11-13 00:00:00
gentoo
gentoo
Pavuk: Multiple buffer overflows
2004-11-10 00:00:00
Pavuk: Remote buffer overflow
2004-06-30 00:00:00
debian
debian
[SECURITY] [DSA 527-1] New pavuk packages fix buffer overflow
2004-07-03 19:10:05
cve
cve
CVE-2004-0456
2004-12-06 05:00:00
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.004 Low
EPSS
Percentile
73.9%
Related for 76904DCE-CCF3-11D8-BABB-000854D03344