Test Kennung:	1.3.6.1.4.1.25623.1.0.800147
Kategorie:	Buffer overflow
Titel:	Streamripper Multiple Buffer Overflow Vulnerabilities - Linux
Zusammenfassung:	Streamripper is prone to multiple buffer overflow vulnerabilities.
Beschreibung:	Summary: Streamripper is prone to multiple buffer overflow vulnerabilities. Vulnerability Insight: The flaws are due to boundary error within, - http_parse_sc_header() function in lib/http.c, when parsing an overly long HTTP header starting with Zwitterion v. - http_get_pls() and http_get_m3u() functions in lib/http.c, when parsing a specially crafted pls playlist containing an overly long entry or m3u playlist containing an overly long File entry. Vulnerability Impact: Successful attack could lead to execution of arbitrary code by tricking a user into connecting to a malicious server or can even cause denial-of-service condition. Affected Software/OS: Streamripper Version 1.63.5 and earlier on Linux. Solution: Upgrade to Version 1.64.0 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4829 BugTraq ID: 32356 http://www.securityfocus.com/bid/32356 Bugtraq: 20081119 Secunia Research: Streamripper Multiple Buffer Overflows (Google Search) http://www.securityfocus.com/archive/1/498486/100/0/threaded Debian Security Information: DSA-1683 (Google Search) http://www.debian.org/security/2008/dsa-1683 http://secunia.com/secunia_research/2008-50/ http://www.osvdb.org/49997 http://secunia.com/advisories/32562 http://secunia.com/advisories/33052 http://secunia.com/advisories/33061 http://securityreason.com/securityalert/4647 http://www.vupen.com/english/advisories/2008/3207
Copyright	Copyright (C) 2008 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.