Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0456

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2004-0456
Last Modified 10 Sep 2008 03:26:28
Published 06 Dec 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2004-0456

Summary

Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.

Vulnerable Systems

Operating System

  • Debian Linux 3.0

  • Gentoo Linux 1.1a

  • Gentoo Linux 1.2

  • Gentoo Linux 1.4

Application

  • Pavuk 0.928r1

  • Pavuk 0.9pl28i


References

XF - pavuk-location-bo(16551)

BID - 10633

DEBIAN - DSA-527

GENTOO - GLSA-200406-22

FULLDISC - 20040702 pavuk buffer overflow


Last Updated: 27 May 2016 10:38:36