CVE-2008-4829

Multiple buffer overflows in lib/http.c in Streamripper 1.63.5 allow remote attackers to execute arbitrary code via 1 a long "Zwitterion v" HTTP header, related to the httpparsescheader function; 2 a crafted pls playlist with a long entry, related to the httpgetpls function; or 3 a crafted m3u...

Buffer overflow

Multiple buffer overflows in lib/http.c in Streamripper 1.63.5 allow remote attackers to execute arbitrary code via 1 a long "Zwitterion v" HTTP header, related to the httpparsescheader function; 2 a crafted pls playlist with a long entry, related to the httpgetpls function; or 3 a crafted m3u...

CVE-2008-4829

Multiple buffer overflows in lib/http.c in Streamripper 1.63.5 allow remote attackers to execute arbitrary code via 1 a long "Zwitterion v" HTTP header, related to the httpparsescheader function; 2 a crafted pls playlist with a long entry, related to the httpgetpls function; or 3 a crafted m3u...

DEBIAN-CVE-2008-4829

Multiple buffer overflows in lib/http.c in Streamripper 1.63.5 allow remote attackers to execute arbitrary code via 1 a long "Zwitterion v" HTTP header, related to the httpparsescheader function; 2 a crafted pls playlist with a long entry, related to the httpgetpls function; or 3 a crafted m3u...

CVE-2008-4829

Multiple buffer overflows in lib/http.c in Streamripper 1.63.5 allow remote attackers to execute arbitrary code via 1 a long "Zwitterion v" HTTP header, related to the httpparsescheader function; 2 a crafted pls playlist with a long entry, related to the httpgetpls function; or 3 a crafted m3u...

CVE-2008-4829

CVE-2008-4829 affects the Streamripper project, with public sources describing multiple buffer overflows in lib/http.c (functions http_parse_sc_header, http_get_pls, http_get_m3u) triggered by overly long HTTP headers and playlists. Public reports (e.g., GLSA 200901-05, Debian DSA-1683-1, OpenVAS...

CVE-2008-4829

Multiple buffer overflows in lib/http.c in Streamripper 1.63.5 allow remote attackers to execute arbitrary code via 1 a long "Zwitterion v" HTTP header, related to the httpparsescheader function; 2 a crafted pls playlist with a long entry, related to the httpgetpls function; or 3 a crafted m3u...

FreeBSD Ports: streamripper

The remote host is missing an update to the system as announced in the referenced advisory. VID 4d4caee0-b939-11dd-a578-0030843d3802 OpenVAS Vulnerability Test $ Description: Auto generated from VID 4d4caee0-b939-11dd-a578-0030843d3802 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: streamripper

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD : streamripper -- multiple buffer overflows (4d4caee0-b939-11dd-a578-0030843d3802)

Secunia reports : A boundary error exists within httpparsescheader in lib/http.c when parsing an overly long HTTP header starting with 'Zwitterion v'. A boundary error exists within httpgetpls in lib/http.c when parsing a specially crafted pls playlist containing an overly long entry. A boundary...

Secunia Research: Streamripper Multiple Buffer Overflows

====================================================================== Secunia Research 19/11/2008 - Streamripper Multiple Buffer Overflows - ====================================================================== Table of Contents Affected...

Streamripper lib/http.c文件多个缓冲区溢出漏洞

BUGTRAQ ID: 32356 CVECAN ID: CVE-2008-4829 StreamRipper能够将网上的MP3流媒体保存到硬盘中，特别适合录制网络MP3广播。 Streamripper的lib/http.c文件中的httpparsescheader函数在解析以Zwitterion v开始的超长HTTP头时、httpgetpls函数在解析包含有超长项的特制pls播放列表时、httpgetm3u函数在解析包含有超长File项的特制m3u播放列表时存在缓冲区溢出漏洞。如果用户受骗连接到了恶意的服务器并加载了恶意的媒体文件的话，就可以触发这些溢出，导致执行任意指令。...

Streamripper multiple buffer overflows

Buffer overflows on HTTP response headers parsing, .m3u and .pls playlists parsing...

Gentoo Security Advisory GLSA 200709-03 (streamripper)

The remote host is missing updates announced in advisory GLSA 200709-03. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200609-01 (streamripper)

The remote host is missing updates announced in advisory GLSA 200609-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200709-03 (streamripper)

The remote host is missing updates announced in advisory GLSA 200709-03. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200609-01 (streamripper)

The remote host is missing updates announced in advisory GLSA 200609-01. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1158-1 (streamripper)

The remote host is missing an update to streamripper announced via advisory DSA 1158-1. Ulf Harnhammer from the Debian Security Audit Project discovered that streamripper, a utility to record online radio-streams, performs insufficient sanitising of data received from the streaming server, which...

Debian: Security Advisory (DSA-1158)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-200709-03 : Streamripper: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200709-03 Streamripper: Buffer overflow Chris Rohlf discovered several boundary errors in the httplibparsescheader function when processing HTTP headers. Impact : A remote attacker could entice a user to connect to a malicious...