5 matches found
CVE-2007-6454
CVE-2007-6454 affects PeerCast up to version 0.1217 (and SVN 344) and is caused by a heap-based buffer overflow in handshakeHTTP within servhs.cpp. An attacker can remotely trigger a long SOURCE request to cause denial of service and potentially execute arbitrary code. Public advisories (e.g., De...
CVE-2005-1806
Peercast is affected by a format-string vulnerability (CVE-2005-1806) in versions 0.1211 and earlier. The flaw allows remote attackers to execute arbitrary code or crash the server by sending specially crafted URLs, with the attacker’s privileges typically equal to the user running Peercast. Publ...
CVE-2008-2040
CVE-2008-2040 describes a stack-based buffer overflow in PeerCast’s HTTP::getAuthUserPass() when handling overly long HTTP Basic authentication data. The vulnerability affects PeerCast (and gnome-peercast) server/client components, allowing a remote attacker to crash the service or potentially ex...
CVE-2006-1148
CVE-2006-1148 affects PeerCast vulnerable to a stack-based buffer overflow in the URL handling code (nextCGIarg) when processing long HTTP GET parameters. Affected versions include PeerCast = 0.1217 to mitigate. Additional context from Gentoo GLSA 200603-17 confirms the vulnerability and recommen...
CVE-2007-3087
Peercast is affected by CVE-2007-3087. The vulnerability arises because Pegercast places a cleartext password in a query string, enabling potential disclosure of sensitive data if an attacker can sniff network traffic or access Referer/browser history information. The connected documents confirm ...