PeerCast servhs.cpp handshakeHTTP Function SOURCE Request Remote Overflow
Severity: High
Nessus Plugin ID: 29726

Synopsis
The remote web server is affected by a buffer overflow vulnerability.

Description
The version of PeerCast installed on the remote host fails to check the length of user-supplied data in its 'handshakeHTTP' function in 'servhs.cpp' before copying it to the 'loginPassword' and 'loginMount' heap-based buffers. An unauthenticated attacker can leverage this issue to crash the affected application or execute arbitrary code on the remote host, subject to the privileges under which PeerCast operates.

Solution
Upgrade to PeerCast version 0.1218 or later.
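
The missing length check named in the Description, shown from the fix side as an added example (this is not PeerCast's code): each request field is measured and rejected if it does not fit before it is copied into a fixed-size heap buffer. The `SOURCE <password> <mount>` line layout, the 64-byte capacity, and the names `struct login`, `copy_field` and `parse_source` are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define FIELD_MAX 64 /* assumed capacity; not PeerCast's real buffer size */

struct login {       /* hypothetical stand-in for the two heap-based buffers */
    char password[FIELD_MAX];
    char mount[FIELD_MAX];
};

/* Copy len bytes from src into dst only if they fit along with the NUL. */
static int copy_field(char *dst, size_t cap, const char *src, size_t len)
{
    if (len == 0 || len >= cap) return -1; /* empty or overlong: reject */
    memcpy(dst, src, len);
    dst[len] = '\0';
    return 0;
}

/* Parse "SOURCE <password> <mount>" (constructed layout, see lead-in).
 * Returns a heap-allocated login, or NULL on malformed or overlong input. */
struct login *parse_source(const char *line)
{
    static const char verb[] = "SOURCE ";
    if (strncmp(line, verb, sizeof verb - 1) != 0) return NULL;
    const char *pw = line + sizeof verb - 1;
    const char *sp = strchr(pw, ' ');
    if (sp == NULL) return NULL;
    const char *mt = sp + 1;
    size_t mt_len = strcspn(mt, " \r\n");
    struct login *lg = calloc(1, sizeof *lg);
    if (lg == NULL) return NULL;
    /* An unchecked strcpy() at this point is the defect class described. */
    if (copy_field(lg->password, sizeof lg->password, pw, (size_t)(sp - pw)) != 0 ||
        copy_field(lg->mount, sizeof lg->mount, mt, mt_len) != 0) {
        free(lg);
        return NULL;
    }
    return lg;
}

int main(void)
{
    struct login *lg = parse_source("SOURCE s3cret /live\r\n"); /* constructed */
    if (lg) printf("password=%s mount=%s\n", lg->password, lg->mount);
    free(lg);
    return 0;
}
```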