FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mt-daapd -- integer overflow

Affected packages
mt-daapd <


VuXML ID 86a4d810-1884-11dd-a914-0016179b2dd5
Discovery 2008-04-21
Entry 2008-05-02

FrSIRT reports:

A vulnerability has been identified in mt-daapd which could be exploited by remote attackers to cause a denial of service or compromise an affected system. This issue is caused by a buffer overflow error in the ws_getpostvars() function when processing a negative Content-Length: header value, which could be exploited by remote unauthenticated attackers to crash an affected application or execute arbitrary code.


CVE Name CVE-2008-1771