Peercast.org PeerCast Remote Buffer Overflow Vulnerability
BID:17040
Info
Peercast.org PeerCast Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 17040 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2006-1148 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 09 2006 12:00AM |
| Updated: | Apr 21 2009 06:46PM |
| Credit: | Discovered by infocus <[email protected]>. |
| Vulnerable: |
peercast.org PeerCast 0.1212 peercast.org PeerCast 0.1211 peercast.org PeerCast 0.1215 Gentoo Linux |
| Not Vulnerable: |
peercast.org PeerCast 0.1217 |
Discussion
Peercast.org PeerCast Remote Buffer Overflow Vulnerability
PeerCast is prone to a remote buffer-overflow vulnerability. A remote attacker could exploit this issue to execute arbitrary code.
PeerCast 0.1215 and earlier are vulnerable.
PeerCast is prone to a remote buffer-overflow vulnerability. A remote attacker could exploit this issue to execute arbitrary code.
PeerCast 0.1215 and earlier are vulnerable.
Exploit / POC
Peercast.org PeerCast Remote Buffer Overflow Vulnerability
Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
A proof of concept is available:
http://www.example.com/stream/?AAAAAAAAAAAAAAAAAAAAAAA....(800)
Sample exploit code has been provided:
Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
A proof of concept is available:
http://www.example.com/stream/?AAAAAAAAAAAAAAAAAAAAAAA....(800)
Sample exploit code has been provided:
Solution / Fix
Peercast.org PeerCast Remote Buffer Overflow Vulnerability
Solution:
The vendor has released PeerCast 0.1217 to address this issue. Please see the referenced advisories for more information and fixes.
peercast.org PeerCast 0.1215
peercast.org PeerCast 0.1211
peercast.org PeerCast 0.1212
Solution:
The vendor has released PeerCast 0.1217 to address this issue. Please see the referenced advisories for more information and fixes.
peercast.org PeerCast 0.1215
-
peercast.org PeerCast v0.1217
http://www.peercast.org/download.php
peercast.org PeerCast 0.1211
-
peercast.org PeerCast v0.1217
http://www.peercast.org/download.php
peercast.org PeerCast 0.1212
-
peercast.org PeerCast v0.1217
http://www.peercast.org/download.php
References
Peercast.org PeerCast Remote Buffer Overflow Vulnerability
References:
References:
- PeerCast Homepage (peercast.org)
- v0.1217 (Peercast.org)
- INFIGO-2006-03-01: PeerCast streaming server remote buffer ("infocus"
)