CVE-2008-2363

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2008-2363
The PartsBatch class in Pan 0.132 and earlier does not properly manage the data structures for Parts batches, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted .nzb file that triggers a heap-based buffer overflow.

9.3 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://marc.info/?l=oss-security&m=121207185600564&w=2 Patch
http://bugs.gentoo.org/show_bug.cgi?id=224051 Patch
http://bugzilla.gnome.org/show_bug.cgi?id=535413 Patch
https://bugzilla.redhat.com/show_bug.cgi?id=446902
http://www.securityfocus.com/bid/29421 Patch
http://www.novell.com/linux/security/advisories/2008_13_sr.html
http://security.gentoo.org/glsa/glsa-200807-15.xml
http://secunia.com/advisories/31315 Vendor Advisory
http://secunia.com/advisories/30717 Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:201
https://exchange.xforce.ibmcloud.com/vulnerabilities/42750
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:pan:pan:0.129:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.130:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.124:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.123:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.115:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.114:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.107:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.106:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.126:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.125:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.117:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.109:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.113:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.116:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.131:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.122:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.127:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.121:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:*:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.111:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.110:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.119:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.120:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.108:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.118:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.112:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.128:*:*:*:*:*:*:*
cpe:2.3:a:pan:pan:0.105:*:*:*:*:*:*:*
Information

Published : 2008-06-02 14:30

Updated : 2017-08-07 18:30

NVD link : CVE-2008-2363

Mitre link : CVE-2008-2363

JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa
Products Affected

pan

  • pan