Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7249

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-7249
Last Modified 04 Jan 2010 12:32:13
Published 30 Dec 2009 05:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-7249

Summary

Buffer overflow in Squid Analysis Report Generator (Sarg) 2.2.3.1, and probably later, allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167.

Vulnerable Systems

Application

  • Pedro Lineu Orso Sarg 2.2.4


References

VUPEN - ADV-2008-0749

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=581212

BUGTRAQ - 20080302 Squid Analysis Report Generator <= 2.2.3.1 buffer overflow


Last Updated: 27 May 2016 10:49:31