CVE-2006-1148
Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp.
Affected products
n/a · n/a
Public PoCs found — 3
exploitdb: www.exploit-db.com/exploits/10027 (unverified)
exploitdb: www.exploit-db.com/exploits/16786 (unverified)
exploitdb: www.exploit-db.com/exploits/16855 (unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://secunia.com/advisories/19169
http://secunia.com/advisories/19291
http://security.gentoo.org/glsa/glsa-200603-17.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/25113
http://www.infigo.hr/in_focus/INFIGO-2006-03-01
http://www.osvdb.org/23777
http://www.peercast.org/forum/viewtopic.php?t=3346
http://www.securityfocus.com/archive/1/427160/100/0/threaded
http://www.securityfocus.com/bid/17040
http://www.vupen.com/english/advisories/2006/0900