Lucene search
Ubuntu.comUB:CVE-2008-7159HistorySep 10, 2009 - 12:00 a.m.
CVE-2008-7159
2009-09-1000:00:00
ubuntu.com
ubuntu.com
6
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
EPSS
0.021
Percentile
89.2%
The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in Secure
Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows remote
attackers to overwrite a stack location and possibly execute arbitrary code
via a crafted OID value, related to incorrect use of a %lu format string.
Notes
| Author | Note |
|---|---|
| kees | -fstack-protector stops this exploit, reducing it to a DoS |
Related
prion
prion
Format string
2009-09-10 21:30:00
nvd
nvd
CVE-2008-7159
2009-09-10 21:30:00
cve
cve
CVE-2008-7159
2009-09-10 21:30:00
cvelist
cvelist
CVE-2008-7159
2009-09-10 21:00:00
nessus
nessus
openSUSE Security Update : silc-toolkit (silc-toolkit-1280)
2009-09-17 00:00:00
openSUSE 10 Security Update : silc-toolkit (silc-toolkit-6479)
2009-10-06 00:00:00
SuSE 11 Security Update : silc-toolkit (SAT Patch Number 1282)
2009-09-24 00:00:00
securityvulns
securityvulns
debian
debian
openvas
openvas
Debian Security Advisory DSA 1879-1 (silc-client/silc-toolkit)
2009-09-09 00:00:00
Mandrake Security Advisory MDVSA-2009:234 (silc-toolkit)
2009-09-21 00:00:00
Mandrake Security Advisory MDVSA-2009:234-1 (silc-toolkit)
2009-09-21 00:00:00
osv
osv
silc-client silc-toolkit - arbitrary code execution
2009-09-04 00:00:00
gentoo
gentoo
SILC: Multiple vulnerabilities
2010-06-01 00:00:00
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
EPSS
0.021
Percentile
89.2%
Related for UB:CVE-2008-7159