9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.751 High
EPSS
Percentile
98.2%
Added: 04/25/2008
CVE: CVE-2008-0311
BID: 28602
OSVDB: 44039
Borland StarTeam is a software change and configuration management system.
A buffer overflow vulnerability in the **PGMWebHandler::parse_request**
function in the StarTeam Multicast Service allows remote attackers to execute arbitrary commands by sending a large HTTP request.
Disable the Multicast Service monitoring port.
<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=675>
Exploit works on Borland StarTeam 2005.
Windows 2000
Windows Server 2003