Vulnerability Name:

CVE-2007-6454 (CCN-39075)

Assigned:2007-12-17
Published:2007-12-17
Updated:2018-10-15
Summary:Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.8 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
3.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: Luigi Auriemma Advisories, 17 Dec 2007
Heap overflow in PeerCast 0.1217 / SVN 344

Source: MISC
Type: Exploit
http://aluigi.altervista.org/adv/peercasthof-adv.txt

Source: MISC
Type: UNKNOWN
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300

Source: MISC
Type: UNKNOWN
http://bugs.gentoo.org/show_bug.cgi?id=202747

Source: MITRE
Type: CNA
CVE-2007-6454

Source: CCN
Type: SA28120
PeerCast "handshakeHTTP()" Buffer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
28120

Source: SECUNIA
Type: UNKNOWN
28260

Source: SECUNIA
Type: UNKNOWN
28719

Source: SECUNIA
Type: UNKNOWN
30325

Source: SREASON
Type: UNKNOWN
3461

Source: DEBIAN
Type: UNKNOWN
DSA-1441

Source: DEBIAN
Type: UNKNOWN
DSA-1583

Source: DEBIAN
Type: DSA-1441
peercast -- buffer overflow

Source: DEBIAN
Type: DSA-1583
gnome-peercast -- buffer overflow

Source: CCN
Type: GLSA-200801-22
PeerCast: Buffer overflow

Source: GENTOO
Type: UNKNOWN
GLSA-200801-22

Source: CCN
Type: OSVDB ID: 40250
PeerCast servhs.cpp handshakeHTTP Function SOURCE Request Remote Overflow

Source: CCN
Type: PeerCast Web site
PeerCast

Source: BUGTRAQ
Type: UNKNOWN
20071217 Heap overflow in PeerCast 0.1217

Source: BID
Type: Exploit, Patch
26899

Source: CCN
Type: BID-26899
PeerCast HandshakeHTTP Multiple Buffer Overflow Vulnerabilities

Source: VUPEN
Type: UNKNOWN
ADV-2007-4246

Source: XF
Type: UNKNOWN
peercast-handshakehttp-bo(39075)

Source: XF
Type: UNKNOWN
peercast-handshakehttp-bo(39075)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:peercast:peercast:0.1211:*:*:*:*:*:*:*
  • OR cpe:/a:peercast:peercast:0.1212:*:*:*:*:*:*:*
  • OR cpe:/a:peercast:peercast:0.1215:*:*:*:*:*:*:*
  • OR cpe:/a:peercast:peercast:*:*:*:*:*:*:*:* (Version <= 0.1217)
  • OR cpe:/a:peercast:peercast:*:*:*:*:*:*:*:* (Version <= svn_344)

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:19851
    P
    		DSA-1583-1 gnome-peercast - several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:8122
    P
    		DSA-1583 gnome-peercast -- buffer overflow
    2014-06-23
    oval:org.mitre.oval:def:18740
    P
    		DSA-1441-1 peercast
    2014-06-23
    oval:org.debian:def:1583
    V
    		buffer overflow
    2008-05-20
    oval:org.debian:def:1441
    V
    		buffer overflow
    2007-12-28
    BACK
    peercast peercast 0.1211
    peercast peercast 0.1212
    peercast peercast 0.1215
    peercast peercast *
    peercast peercast *