Streamripper: Buffer overflow

Background Streamripper is a tool for extracting and recording mp3 files from a Shoutcast stream. Description Chris Rohlf discovered several boundary errors in the httplibparsescheader function when processing HTTP headers. Impact A remote attacker could entice a user to connect to a malicious...

Streamripper 1.62.1 - Buffer Overflows

Streamripper 1.62.1 Security Advisory | http://streamripper.sf.net Multiple Buffer Overflows 12 August 2007 Chris Rohlf http://em386.blogspot.com ----------- Description ----------- Streamripper is a program used to rip streaming media to mp3 format to your harddrive. Multiple buffer overflows th...

Streamripper HTTP头解析缓冲区溢出漏洞

Streamripper是一款免费的用以录制网络MP3流媒体的软件。 Streamripper处理HTTP头字段数据存在缓冲区溢出，远程攻击者可以利用漏洞进行拒绝服务攻击，可能导致以应用程序进程权限执行任意指令。 目前没有详细漏洞细节提供。 Streamripper Streamripper 1.62.1 Streamripper Streamripper 1.62 Streamripper Streamripper 1.61.26 Streamripper Streamripper 1.61.25 Streamripper Streamripper 1.61.24 Streamripp...

Streamripper stream to MP3 ripper buffer overflow

Multiple buffer overflow on HTTP headers parsing...

CVE-2007-4337

Multiple buffer overflows in the httplibparsescheader function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long 1 Location and 2 Server HTTP headers, a different vulnerability than CVE-2006-3124...

CVE-2007-4337

Multiple buffer overflows in the httplibparsescheader function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long 1 Location and 2 Server HTTP headers, a different vulnerability than CVE-2006-3124...

DEBIAN-CVE-2007-4337

Multiple buffer overflows in the httplibparsescheader function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long 1 Location and 2 Server HTTP headers, a different vulnerability than CVE-2006-3124...

Buffer overflow

Multiple buffer overflows in the httplibparsescheader function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long 1 Location and 2 Server HTTP headers, a different vulnerability than CVE-2006-3124...

CVE-2007-4337

Multiple buffer overflows in the httplibparsescheader function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long 1 Location and 2 Server HTTP headers, a different vulnerability than CVE-2006-3124...

CVE-2007-4337

Multiple buffer overflows in the httplibparsescheader function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long 1 Location and 2 Server HTTP headers, a different vulnerability than CVE-2006-3124...

CVE-2007-4337

CVE-2007-4337 describes multiple buffer overflows in Streamripper’s httplib_parse_sc_header() in lib/http.c, allowing remote code execution via crafted long HTTP headers (Location and Server). Affected software: Streamripper prior to version 1.62.2. Root cause: buffer overflows in header parsing....

CVE-2007-4337

Multiple buffer overflows in the httplibparsescheader function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long 1 Location and 2 Server HTTP headers, a different vulnerability than CVE-2006-3124...

Streamripper HTTP头字段解析缓冲区溢出漏洞

StreamRipper能够将网上的MP3流媒体保存到硬盘中，特别适合录制网络MP3广播。 StreamRipper在处理服务器返回的某些HTTP头字段时存在缓冲区溢出，远程攻击者可能利用此漏洞在用户机器上执行任意指令。 如果用户受骗访问了攻击设置的恶意服务器的话就可能触发这个漏洞，导致执行任意指令。 Streamripper Streamripper 1.61.25 Streamripper Streamripper 1.61.24 Debian ------ Debian已经为此发布了一个安全公告（DSA-1158-1）以及相应补丁: DSA-1158-1：New...

Streamripper <= 1.61.25 HTTP Header Parsing Buffer Overflow Exploit

No description provided by source. / . \ \ \ \ | | / | | | | \ / / /\ \ / \ | | \ / | |/ | |/ / \ / \ | / \ // | Y / ^ /\ | //\ \ /| / / || /\ | \ | \ / / / / 29\08\06 / || / / mm. dM8 YMMMb. dMM8 YMMMMb dMMM' YMMMb dMMMP There are doors I have yet to open YMMM MMM' windows I have yet...

Debian DSA-1158-1 : streamripper - buffer overflow

Ulf Harnhammar from the Debian Security Audit Project discovered that streamripper, a utility to record online radio-streams, performs insufficient sanitising of data received from the streaming server, which might lead to buffer overflows and the execution of arbitrary code. %NASLMINLEVEL 70300 ...

GLSA-200609-01 : Streamripper: Multiple remote buffer overflows

The remote host is affected by the vulnerability described in GLSA-200609-01 Streamripper: Multiple remote buffer overflows Ulf Harnhammar, from the Debian Security Audit Project, has found that Streamripper is vulnerable to multiple stack based buffer overflows caused by improper bounds checking...

Streamripper: Multiple remote buffer overflows

Background Streamripper extracts and records individual MP3 file tracks from SHOUTcast streams. Description Ulf Harnhammar, from the Debian Security Audit Project, has found that Streamripper is vulnerable to multiple stack based buffer overflows caused by improper bounds checking when processing...

streamripper-1.txt

/ name: streamripper exploit.exe 80 0 public-release streamripper streamripper.exe http://127.0.0.1:80 Connecting... on other shell + client conneted! + exploit send check shell on port 4444 now connect to 127.0.0.1:4444 / / define WIN32 / include include include ifdef WIN32 include pragma...

Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow (2)

/ name: streamripper exploit.exe 80 0 public-release streamripper streamripper.exe http://127.0.0.1:80 Connecting... on other shell + client conneted! + exploit send check shell on port 4444 now connect to 127.0.0.1:4444 / / define WIN32 / include include include ifdef WIN32 include pragma...

Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow (2)

Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow 2 / name: streamripper exploit.exe 80 0 public-release streamripper streamripper.exe http://127.0.0.1:80 Connecting... on other shell + client conneted! + exploit send check shell on port 4444 now connect to 127.0.0.1:4444 / / define WIN3...