Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:7172
HistoryNov 13, 2004 - 12:00 a.m.

[ GLSA 200411-19 ] Pavuk: Multiple buffer overflows

2004-11-1300:00:00
vulners.com
16

EPSS

0.007

Percentile

80.3%

JSON

Gentoo Linux Security Advisory GLSA 200411-19

                                        http://security.gentoo.org/

Severity: Normal
Title: Pavuk: Multiple buffer overflows
Date: November 10, 2004
Bugs: #70516
ID: 200411-19

Synopsis

Pavuk contains multiple buffer overflows that can allow a remote
attacker to run arbitrary code.

Background

Pavuk is web spider and website mirroring tool.

Affected packages

-------------------------------------------------------------------
 Package         /  Vulnerable  /                       Unaffected
-------------------------------------------------------------------

1 net-misc/pavuk < 0.9.31 >= 0.9.31

Description

Pavuk contains several buffer overflow vulnerabilities in the code
handling digest authentication and HTTP header processing. This issue
is similar to GLSA 200407-19, but contains more vulnerabilities.

Impact

A remote attacker could cause a buffer overflow, leading to arbitrary
code execution with the rights of the user running Pavuk.

Workaround

There is no known workaround at this time.

Resolution

All Pavuk users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=net-misc/pavuk-0.9.31&quot;

References

[ 1 ] GLSA-200407-19
http://www.gentoo.org/security/en/glsa/glsa-200407-19.xml
[ 2 ] SA13120
http://secunia.com/advisories/13120/
[ 3 ] CAN-2004-0456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0456

Availability

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200411-19.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
[email protected] or alternatively, you may file a bug at
http://bugs.gentoo.org.

License

Copyright 2004 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

Related

nessus 5
debiancve 1
openvas 8
freebsd 1
gentoo 2
nvd 1
cvelist 1
cve 1
debian 1
nessus
nessus
GLSA-200406-22 : Pavuk: Remote buffer overflow
2004-08-30 00:00:00
FreeBSD : Pavuk HTTP Location header overflow (137)
2004-07-06 00:00:00
FreeBSD : Pavuk HTTP Location header overflow (76904dce-ccf3-11d8-babb-000854d03344)
2009-04-23 00:00:00
debiancve
debiancve
CVE-2004-0456
2004-12-06 05:00:00
openvas
openvas
Debian: Security Advisory (DSA-527)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200411-19 (pavuk)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200406-22 (Pavuk)
2008-09-24 00:00:00
freebsd
freebsd
Pavuk HTTP Location header overflow
2004-06-30 00:00:00
gentoo
gentoo
Pavuk: Multiple buffer overflows
2004-11-10 00:00:00
Pavuk: Remote buffer overflow
2004-06-30 00:00:00
nvd
nvd
CVE-2004-0456
2004-12-06 05:00:00
cvelist
cvelist
CVE-2004-0456
2004-07-06 04:00:00
cve
cve
CVE-2004-0456
2004-12-06 05:00:00
debian
debian
[SECURITY] [DSA 527-1] New pavuk packages fix buffer overflow
2004-07-03 19:10:05

EPSS

0.007

Percentile

80.3%

JSON
Related for SECURITYVULNS:DOC:7172
nessus5debiancve1openvas8freebsd1gentoo2nvd1cvelist1cve1debian1