CVE-2008-2040
published 2008-04-30CVE-2008-2040: Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause…
PriorityP355high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
14.86%
96.3th percentile
Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| peercast | peercast | — | — |
Detection & IOCsextracted from sources · hover to see the quote
bytes↗
Authorization: Basic OmZ + 'vb29'*128 + 'vbwo='
- →Detect oversized Basic Authentication headers in HTTP requests to port 7144 (PeerCast default). A long base64-encoded credential string in the Authorization header is the exploit delivery mechanism. ↗
- →Monitor HTTP requests targeting the '/http/' path on port 7144, which is the specific endpoint exercised by the exploit to trigger the buffer overflow in HTTP::getAuthUserPass. ↗
- →The vulnerability is a stack-based buffer overflow triggered by a long username or password in a Basic Authentication string; alert on abnormally large Authorization: Basic header values directed at PeerCast listeners. ↗
- ·The exploit targets PeerCast 0.1218 specifically; other versions may also be affected but are not confirmed. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-98qj-hw8j-wp56: Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http
ghsa_unreviewed·2022-05-01
CVE-2008-2040 [HIGH] CWE-119 GHSA-98qj-hw8j-wp56: Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http
Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password.
SonicWall
CVE-2008-4918: Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote
vendor_sonicwall·2008-11-04·CVSS 4.3
CVE-2008-4918 [MEDIUM] CWE-79 CVE-2008-4918: Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote
CVE-2008-4918: Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote attackers to inject arbitrary web script or HTML into arbitrary web sites via a URL to a site that is blocked based on content filtering, which is not properly handled in the CFS block page, aka "universal website hijacking."
No detection rules found.
No writeups or analysis indexed.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680http://secunia.com/advisories/29962http://secunia.com/advisories/30020http://secunia.com/advisories/30320http://secunia.com/advisories/30325http://secunia.com/advisories/31182http://security.gentoo.org/glsa/glsa-200807-11.xmlhttp://www.debian.org/security/2008/dsa-1582http://www.debian.org/security/2008/dsa-1583http://www.securityfocus.com/bid/28986http://www.vupen.com/english/advisories/2008/1409/referenceshttp://www.vupen.com/english/advisories/2008/1410/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/42092http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478573http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478680http://secunia.com/advisories/29962http://secunia.com/advisories/30020http://secunia.com/advisories/30320http://secunia.com/advisories/30325http://secunia.com/advisories/31182http://security.gentoo.org/glsa/glsa-200807-11.xmlhttp://www.debian.org/security/2008/dsa-1582http://www.debian.org/security/2008/dsa-1583http://www.securityfocus.com/bid/28986http://www.vupen.com/english/advisories/2008/1409/referenceshttp://www.vupen.com/english/advisories/2008/1410/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/42092
2008-04-30
Published