Joined: 12 May 2004
|Posted: Sun Jun 19, 2005 7:27 pm Post subject: [ GLSA 200506-15 ] PeerCast: Format string vulnerability
|Gentoo Linux Security Advisory
Title: PeerCast: Format string vulnerability (GLSA 200506-15)
Date: June 19, 2005
Updated: May 22, 2006
PeerCast suffers from a format string vulnerability that could allow
arbitrary code execution.
PeerCast is a media streaming system based on P2P technology.
Vulnerable: < 0.1212
Unaffected: >= 0.1212
Architectures: All supported architectures
James Bercegay of the GulfTech Security Research Team discovered that
PeerCast insecurely implements formatted printing when receiving a
request with a malformed URL.
A remote attacker could exploit this vulnerability by sending a request
with a specially crafted URL to a PeerCast server to execute arbitrary
There is no known workaround at this time.
All PeerCast users should upgrade to the latest available version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=media-sound/peercast-0.1212"
Last edited by GLSA on Fri Sep 28, 2012 4:19 am; edited 4 times in total