Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1120

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-1120
Last Modified 05 Sep 2008 04:40:26
Published 10 Jan 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1120

Summary

Mulitple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.

Vulnerable Systems

Application

  • Prozilla Download Accelerator 1.0.0

  • Prozilla Download Accelerator 1.3.0

  • Prozilla Download Accelerator 1.3.1

  • Prozilla Download Accelerator 1.3.2

  • Prozilla Download Accelerator 1.3.3

  • Prozilla Download Accelerator 1.3.4

  • Prozilla Download Accelerator 1.3.5

  • Prozilla Download Accelerator 1.3.5.1

  • Prozilla Download Accelerator 1.3.5.2

  • Prozilla Download Accelerator 1.3.6


References

XF - prozilla-bo(18210)

BID - 11734

BUGTRAQ - 20041124 Prozilla Remote Exploit

GENTOO - GLSA-200411-31

DEBIAN - DSA-663

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=70090


Last Updated: 27 May 2016 10:38:54