PT-2021-23313 · Pyo+1 · Pyo+1

Awen-Lio

Published

2021-12-17

Updated

2022-01-07

CVE-2021-41499

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Pyo versions prior to 1.03

Description A Buffer Overflow issue exists in the Server debug function, allowing remote attackers to conduct Denial of Service (DoS) attacks by passing an overlong audio file name.

Recommendations For versions prior to 1.03, as a temporary workaround, consider disabling the Server debug function until a patch is available. Restrict access to the Server debug function to minimize the risk of exploitation. Avoid using overlong audio file names in the affected function until the issue is resolved.

Exploit

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2021-41499

GHSA-5F5C-687X-G5QM

Affected Products

Debian

Pyo

PT-2021-23313 · Pyo+1 · Pyo+1

CVE-2021-41499

Weakness Enumeration

Related Identifiers

Affected Products

References · 12