PT-2007-5522 · Streamripper · Streamripper

Chris Rohlf

Published

2007-08-14

Updated

2018-10-15

CVE-2007-4337

CVSS v2.0

5.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Streamripper versions prior to 1.62.2

Description The issue is related to multiple buffer overflows in the httplib parse sc header function. This allows remote attackers to execute arbitrary code via long Location and Server HTTP headers.

Recommendations For versions prior to 1.62.2, update to version 1.62.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the httplib parse sc header function until a patch is available. Avoid using long Location and Server HTTP headers in the affected API endpoints until the issue is resolved.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2007-4337

DSA-1683-1

Affected Products

Streamripper

PT-2007-5522 · Streamripper · Streamripper

CVE-2007-4337

Weakness Enumeration

Related Identifiers

Affected Products

References · 17