Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1771

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-1771
Last Modified 07 Mar 2011 10:07:36
Published 16 Apr 2008 11:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1771

Summary

Integer overflow in the ws_getpostvars function in Firefly Media Server (formerly mt-daapd) 0.2.4.1 (0.9~r1696-1.2 on Debian) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a large Content-Length.

Vulnerable Systems

Application

  • Fireflymediaserver 0.2.4.1


References

VUPEN - ADV-2008-1303

DEBIAN - DSA-1597

SECUNIA - 30661

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476241

FEDORA - FEDORA-2008-3250

XF - firefly-wsgetpostvars-bo(41850)

SECTRACK - 1019908

BID - 28860

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=593465&group_id=98211

SECUNIA - 29919

SECUNIA - 29917


Last Updated: 27 May 2016 10:47:38