cbcvebase.
CVE-2007-6454
published 2007-12-20

CVE-2007-6454: Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to…

PriorityP260critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
16.80%
96.7th percentile
Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.

Affected

5 ranges
VendorProductVersion rangeFixed in
peercastpeercast<= 0.1217
peercastpeercast<= svn_344
peercastpeercast
peercastpeercast
peercastpeercast

Detection & IOCsextracted from sources · hover to see the quote

urlhttps://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/30894.zip
  • Detect oversized HTTP SOURCE requests targeting PeerCast; the vulnerability is triggered via a long SOURCE request in the handshakeHTTP function (servhs.cpp).
  • Monitor for heap-based buffer overflow conditions in PeerCast versions 0.1217 and earlier (including SVN 344 and earlier) triggered by abnormally large SOURCE method HTTP requests.
  • Alert on unexpected crashes or denial-of-service conditions in PeerCast processes, which may indicate failed exploitation attempts of this buffer overflow.
  • ·Affected versions are PeerCast 0.12.17 / 0.1217 and earlier, and SVN 334/344 and earlier; version references differ slightly between sources.
  • ·The overflow occurs specifically in the handshakeHTTP function within servhs.cpp; detection or patching efforts should focus on this code path.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.