Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0550

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-0550
Last Modified 05 Sep 2008 05:35:22
Published 01 Feb 2008 03:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0550

Summary

Off-by-one error in Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a certain HTTP request that leads to a buffer overflow, as demonstrated by a long User-Agent header.

Vulnerable Systems

Application

  • Radio Toolbox Steamcast 0.9.75


References

XF - steamcast-http-bo(39928)

MISC - http://aluigi.org/poc/steamcazz.zip

MISC - http://aluigi.altervista.org/adv/steamcazz-adv.txt


Last Updated: 27 May 2016 10:46:51