Lucene search

[email protected]NVD:CVE-2008-7166

HistorySep 04, 2009 - 10:30 a.m.

CVE-2008-7166

2009-09-0410:30:01

CWE-119

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

Low

0.062 Low

EPSS

Percentile

93.6%

JSON

Buffer overflow in the web interface in BitTorrent 6.0.1 (build 7859) and earlier, and uTorrent 1.7.6 (build 7859) and earlier, allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted Range header. NOTE: this is probably a different vulnerability than CVE-2008-0071 and CVE-2008-0364.

Affected configurations

NVD

Node

bittorrentbittorrentRange≤6.0.1

bittorrentbittorrentMatch3.9.1

bittorrentbittorrentMatch4.0.0

bittorrentbittorrentMatch4.0.1

bittorrentbittorrentMatch4.0.2

bittorrentbittorrentMatch4.0.3

bittorrentbittorrentMatch4.0.4

bittorrentbittorrentMatch4.1.0

bittorrentbittorrentMatch4.1.1

bittorrentbittorrentMatch4.1.2

bittorrentbittorrentMatch4.1.3

bittorrentbittorrentMatch4.1.4

bittorrentbittorrentMatch4.1.5

bittorrentbittorrentMatch4.1.6

bittorrentbittorrentMatch4.1.7

bittorrentbittorrentMatch4.1.8

bittorrentbittorrentMatch4.2.0

bittorrentbittorrentMatch4.2.1

bittorrentbittorrentMatch4.2.2

bittorrentbittorrentMatch4.3.0

bittorrentbittorrentMatch4.3.1

bittorrentbittorrentMatch4.3.2

bittorrentbittorrentMatch4.3.3

bittorrentbittorrentMatch4.3.4

bittorrentbittorrentMatch4.3.5

bittorrentbittorrentMatch4.3.6

bittorrentbittorrentMatch4.4.0

bittorrentbittorrentMatch4.4.1

bittorrentbittorrentMatch4.9.2

bittorrentbittorrentMatch4.9.3

bittorrentbittorrentMatch4.9.4

bittorrentbittorrentMatch4.9.5

bittorrentbittorrentMatch4.9.6

bittorrentbittorrentMatch4.9.7

bittorrentbittorrentMatch4.9.8

bittorrentbittorrentMatch4.9.9

bittorrentbittorrentMatch4.20.0

bittorrentbittorrentMatch4.20.1

bittorrentbittorrentMatch4.20.2

bittorrentbittorrentMatch4.20.3

bittorrentbittorrentMatch4.20.4

bittorrentbittorrentMatch4.20.6

bittorrentbittorrentMatch4.20.7

bittorrentbittorrentMatch4.20.8

bittorrentbittorrentMatch4.20.9

bittorrentbittorrentMatch4.22.0

bittorrentbittorrentMatch4.22.1

bittorrentbittorrentMatch4.22.4

bittorrentbittorrentMatch4.24.0

bittorrentbittorrentMatch4.24.2

bittorrentbittorrentMatch4.26.0

bittorrentbittorrentMatch4.27.1

bittorrentbittorrentMatch4.27.2

bittorrentbittorrentMatch5.0.0

bittorrentbittorrentMatch5.0.1

bittorrentbittorrentMatch5.0.2

bittorrentbittorrentMatch5.0.3

bittorrentbittorrentMatch5.0.4

bittorrentbittorrentMatch5.0.5

bittorrentbittorrentMatch5.0.6

bittorrentbittorrentMatch5.0.7

bittorrentbittorrentMatch5.0.8

bittorrentbittorrentMatch5.0.9

bittorrentbittorrentMatch5.2.0

bittorrentbittorrentMatch6.0

utorrentutorrentRange≤1.7.6

utorrentutorrentMatch1.1.1

utorrentutorrentMatch1.1.3

utorrentutorrentMatch1.1.4

utorrentutorrentMatch1.1.5

utorrentutorrentMatch1.1.6

utorrentutorrentMatch1.1.7

utorrentutorrentMatch1.2

utorrentutorrentMatch1.2.1

utorrentutorrentMatch1.2.2

utorrentutorrentMatch1.3

utorrentutorrentMatch1.4

utorrentutorrentMatch1.4.2

utorrentutorrentMatch1.5

utorrentutorrentMatch1.6

utorrentutorrentMatch1.7

utorrentutorrentMatch1.7.1

utorrentutorrentMatch1.7.2

utorrentutorrentMatch1.7.3

utorrentutorrentMatch1.7.4

utorrentutorrentMatch1.7.5

References

aluigi.altervista.org/adv/ruttorrent2-adv.txt

osvdb.org/42825

osvdb.org/42826

secunia.com/advisories/28686

secunia.com/advisories/28695

www.vupen.com/english/advisories/2008/0326

www.vupen.com/english/advisories/2008/0327

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

Low

0.062 Low

EPSS

Percentile

93.6%

JSON

Related for NVD:CVE-2008-7166

cvelist3 cve3 prion3 seebug2 redhatcve1 nvd2 securityvulns2