CVE-2008-7160

Name of the Vulnerable Software and Affected Versions libsilc versions prior to 1.1.9 silc (affected versions not specified) libsilc-1.1-2 (affected versions not specified) libsilc-1.1-2-dev (affected versions not specified) libsilc-1.1-2-dbg (affected versions not specified)

Description The issue concerns multiple vulnerabilities in the SILC Toolkit, which can be exploited remotely to compromise the confidentiality, integrity, and availability of protected information. Specifically, the silc http server parse function in the internal HTTP server is vulnerable to a crafted Content-Length header, potentially allowing remote attackers to execute arbitrary code due to the incorrect use of a %lu format string.

Recommendations For versions prior to 1.1.9, update to version 1.1.9 or later to resolve the issue. For silc, libsilc-1.1-2, libsilc-1.1-2-dev, and libsilc-1.1-2-dbg, at the moment, there is no information about a newer version that contains a fix for this vulnerability.