Vulnerabilities > CVE-2004-2387 - Remote vulnerability in Sredird

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

denis-sbragion

peter-astrand

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Buffer overflow in the HandleCPCCommand function of sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code.

Vulnerable Configurations

Part	Description	Count
Application	Denis_Sbragion Denis Sbragion Sredird 1.0 Denis Sbragion Sredird 1.1.6 Denis Sbragion Sredird 1.1.7 Denis Sbragion Sredird 1.1.8 Denis Sbragion Sredird 2.0 Denis Sbragion Sredird 2.1 Denis Sbragion Sredird 2.2 Denis Sbragion Sredird 2.2.1	8
Application	Peter_Astrand Peter Astrand Sercd 2.3.0	1

References

http://cvs.lysator.liu.se/viewcvs/viewcvs.cgi/sercd/sercd.c?root=sercd
http://secunia.com/advisories/12351
http://securitytracker.com/id?1011038
http://www.osvdb.org/9100
http://www.securityfocus.com/bid/11002
http://www.securityfocus.com/bid/11033
https://exchange.xforce.ibmcloud.com/vulnerabilities/17059