|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200506-15] PeerCast: Format string vulnerability Vulnerability Scan
Vulnerability Scan Summary PeerCast: Format string vulnerability
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200506-15
(PeerCast: Format string vulnerability)
James Bercegay of the GulfTech Security Research Team discovered
that PeerCast insecurely implements formatted printing when receiving a
request with a malformed URL.
Impact
A remote attacker could exploit this vulnerability by sending a
request with a specially crafted URL to a PeerCast server to execute
arbitrary code.
Workaround
There is no known workaround at this time.
References:
http://www.gulftech.org/?node=research&article_id=00077-05282005
http://www.peercast.org/forum/viewtopic.php?p=11596
Solution:
All PeerCast users should upgrade to the latest available version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-sound/peercast-0.1212"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|