Launchpad.net

CVE 2007-6454

Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.

Related bugs and status

CVE-2007-6454 (Candidate) is related to these bugs:

Bug #180303: [peercast] [CVE-2007-6454] buffer overflow, remote vulnerability allowing DoS or arbitrary code execution

		In	Importance	Status
180303	[peercast] [CVE-2007-6454] buffer overflow, remote vulnerability allowing DoS or arbitrary code execution	peercast (Ubuntu)	Undecided	Fix Released
180303	[peercast] [CVE-2007-6454] buffer overflow, remote vulnerability allowing DoS or arbitrary code execution	peercast (Debian)	Unknown	Fix Released
180303	[peercast] [CVE-2007-6454] buffer overflow, remote vulnerability allowing DoS or arbitrary code execution	peercast (Ubuntu Dapper)	Undecided	Won't Fix
180303	[peercast] [CVE-2007-6454] buffer overflow, remote vulnerability allowing DoS or arbitrary code execution	peercast (Ubuntu Edgy)	Undecided	Won't Fix
180303	[peercast] [CVE-2007-6454] buffer overflow, remote vulnerability allowing DoS or arbitrary code execution	peercast (Ubuntu Gutsy)	Undecided	Won't Fix
180303	[peercast] [CVE-2007-6454] buffer overflow, remote vulnerability allowing DoS or arbitrary code execution	peercast (Ubuntu Feisty)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

MISC: http://aluigi.altervis...
BID: 26899
SECUNIA: 28120
MISC: http://bugs.debian.org...
DEBIAN: DSA-1441
SECUNIA: 28260
CONFIRM: http://bugs.gentoo.org...
GENTOO: GLSA-200801-22
SECUNIA: 28719
MISC: http://bugs.gentoo.org...
SREASON: 3461
DEBIAN: DSA-1583
SECUNIA: 30325
VUPEN: ADV-2007-4246
XF: peercast-handshakehttp...
BUGTRAQ: 20071217 Heap overflow...