ID de Prueba:	1.3.6.1.4.1.25623.1.0.800147
Categoría:	Buffer overflow
Título:	Streamripper Multiple Buffer Overflow Vulnerabilities - Linux
Resumen:	Streamripper is prone to multiple buffer overflow vulnerabilities.
Descripción:	Summary: Streamripper is prone to multiple buffer overflow vulnerabilities. Vulnerability Insight: The flaws are due to boundary error within, - http_parse_sc_header() function in lib/http.c, when parsing an overly long HTTP header starting with Zwitterion v. - http_get_pls() and http_get_m3u() functions in lib/http.c, when parsing a specially crafted pls playlist containing an overly long entry or m3u playlist containing an overly long File entry. Vulnerability Impact: Successful attack could lead to execution of arbitrary code by tricking a user into connecting to a malicious server or can even cause denial-of-service condition. Affected Software/OS: Streamripper Version 1.63.5 and earlier on Linux. Solution: Upgrade to Version 1.64.0 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4829 BugTraq ID: 32356 http://www.securityfocus.com/bid/32356 Bugtraq: 20081119 Secunia Research: Streamripper Multiple Buffer Overflows (Google Search) http://www.securityfocus.com/archive/1/498486/100/0/threaded Debian Security Information: DSA-1683 (Google Search) http://www.debian.org/security/2008/dsa-1683 http://secunia.com/secunia_research/2008-50/ http://www.osvdb.org/49997 http://secunia.com/advisories/32562 http://secunia.com/advisories/33052 http://secunia.com/advisories/33061 http://securityreason.com/securityalert/4647 http://www.vupen.com/english/advisories/2008/3207
Copyright	Copyright (C) 2008 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.