Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 3.0 |
| pavuk | pavuk | 0.9pl28i |
| gentoo | linux | 1.2 |
| pavuk | pavuk | 0.928r1 |
| gentoo | linux | 1.4 |
| gentoo | linux | 1.1a |
Multiple buffer overflows in the digest authentication functionality in Pavuk 0.9.28-r2 and earlier allow remote attackers to execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| pavuk | pavuk | 0.9pl28i |
| pavuk | pavuk | 0.928r1 |
| pavuk | pavuk | 0.928r2 |
Multiple buffer overflows in Pavuk before 0.9.32 have unknown attack vectors and impact.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| pavuk | pavuk | 0.9pl28i |
| pavuk | pavuk | 0.9.31 |
| pavuk | pavuk | 0.928r1 |
| pavuk | pavuk | 0.9_pl28 |
| pavuk | pavuk | 0.928r2 |
| pavuk | pavuk | 0.9_pl30b |