PT-2008-2760 · Squid+1 · Squid+1
Publicado
2008-03-05
·
Atualizado
2018-10-11
·
CVE-2008-1167
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Sarg version 2.2.3.1
Description
A stack-based buffer overflow issue exists in the
useragent function, located in useragent.c, which allows remote attackers to execute arbitrary code by sending a long Squid proxy server User-Agent header.Recommendations
For Sarg version 2.2.3.1, consider disabling the
useragent function until a patch is available to prevent potential exploitation.Correção
RCE
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Sarg
Squid