Debian Security Advisory DSA 1441-1 (peercast) Network Vulnerability

Summary

The remote host is missing an update to peercast announced via advisory DSA 1441-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201441-1

Insight

Luigi Auriemma discovered that PeerCast, a P2P audio and video streaming server, is vulnerable to a heap overflow in the HTTP server code, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request. For the stable distribution (etch), this problem has been fixed in version 0.1217.toots.20060314-1etch0. The old stable distribution (sarge) does not contain peercast. For the unstable distribution (sid), this problem has been fixed in version 0.1218+svn20071220+2. We recommend that you upgrade your peercast packages.

Severity

Classification

CVE CVE-2007-6454

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 1018-1 (kernel-source-2.4.27)
Debian Security Advisory DSA 1021-1 (netpbm-free)
Debian Security Advisory DSA 1026-1 (sash)
Debian Security Advisory DSA 012-1 (micq)
Debian Security Advisory DSA 1082-1 (kernel-2.4.17)

Take action and discover your vulnerabilities