Lucene search
+L

9 matches found

securityvulns
securityvulns
added 2007/11/06 12:0 a.m.30 views

[UPH-07-01] Firefly Media Server DoS

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 UPH-07-01 UnprotectedHex.com security advisory 07-01 Discovered by nnp Discovered : 1 August 2007 Reported to the vendor : 13 October 2007 Fixed by vendor : 21 October 2007 Vulnerability class : Remote DoS Affected product : mt-dappd/Firefly Media...

1.4AI score
Exploits0
prion
prion
added 2007/11/05 7:46 p.m.20 views

Format string

Format string vulnerability in the wsaddarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the 1 username or 2 password portion of base64-encoded...

7.5CVSS7.8AI score0.03723EPSS
Exploits0References10Affected Software1
nvd
nvd
added 2007/11/05 7:46 p.m.16 views

CVE-2007-5824

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a stats method action to /xml-rpc with 1 an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or 2 a...

7.1CVSS6.4AI score0.05592EPSS
Exploits0References13
ubuntucve
ubuntucve
added 2007/11/05 7:46 p.m.24 views

CVE-2007-5824

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a stats method action to /xml-rpc with 1 an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or 2 a...

7.1CVSS5.9AI score0.05592EPSS
Exploits0References1
prion
prion
added 2007/11/05 7:46 p.m.18 views

Authorization

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a stats method action to /xml-rpc with 1 an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or 2 a...

7.1CVSS6.7AI score0.05592EPSS
Exploits0References13Affected Software1
cve
cve
added 2007/11/05 7:0 p.m.56 views

CVE-2007-5825

CVE-2007-5825 is a format-string vulnerability in the mt-daapd Firefly Media Server (ws_addarg in webserver.c) that can be triggered via the Authorization: Basic header (base64 username/password) in XML-RPC requests, allowing remote code execution. The issue affects Firefly MT‑DAAPD up to version...

7.5CVSS7.4AI score0.03723EPSS
Exploits0References10Affected Software1
cvelist
cvelist
added 2007/11/05 7:0 p.m.36 views

CVE-2007-5824

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a stats method action to /xml-rpc with 1 an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or 2 a...

6.3AI score0.05592EPSS
Exploits0References13
seebug
seebug
added 2007/11/03 12:0 a.m.30 views

Firefly Media Server <= 0.2.4 Remote Denial of Service Exploit

No description provided by source. !C:\python25\python25.exe """ Advisory : UPH-07-02 mt-dappd/Firefly media server remote DoS Discovered by nnp http://www.unprotectedhex.com """ import sys import socket import time if lensys.argv != 3: sys.exit-1...

7.1AI score
Exploits0
packetstorm
packetstorm
added 2007/11/02 12:0 a.m.22 views

uph0701.py.txt

!C:\python25\python25.exe """ Advisory : UPH-07-01 mt-dappd/Firefly media server remote DoS Discovered by nnp http://www.unprotectedhex.com """ import sys import socket import time if lensys.argv != 3: sys.exit-1 killmsg = """GET /xml-rpc?method=stats HTTP/1.1\r\n INVALIDLINE\r\n\r\n""" host =...

7.4AI score
Exploits0
Rows per page
Query Builder