Vulnerabilities > CVE-2008-0550 - Numeric Errors vulnerability in Radio Toolbox Steamcast
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Off-by-one error in Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a certain HTTP request that leads to a buffer overflow, as demonstrated by a long User-Agent header.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Streamcast. CVE-2008-0550. Remote exploit for windows platform |
| id | EDB-ID:16800 |
| last seen | 2016-02-02 |
| modified | 2010-06-11 |
| published | 2010-06-11 |
| reporter | metasploit |
| source | https://www.exploit-db.com/download/16800/ |
| title | Streamcast <= 0.9.75 HTTP User-Agent Buffer Overflow |
Metasploit
| description | This module exploits a stack buffer overflow in Streamcast <= 0.9.75. By sending an overly long User-Agent in an HTTP GET request, an attacker may be able to execute arbitrary code. |
| id | MSF:EXPLOIT/WINDOWS/HTTP/STEAMCAST_USERAGENT |
| last seen | 2020-06-12 |
| modified | 2017-11-08 |
| published | 2009-02-25 |
| references | |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/http/steamcast_useragent.rb |
| title | Streamcast HTTP User-Agent Buffer Overflow |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/83026/steamcast_useragent.rb.txt |
| id | PACKETSTORM:83026 |
| last seen | 2016-12-05 |
| published | 2009-11-26 |
| reporter | LSO |
| source | https://packetstormsecurity.com/files/83026/Streamcast-0.9.75-HTTP-User-Agent-Buffer-Overflow.html |
| title | Streamcast <= 0.9.75 HTTP User-Agent Buffer Overflow |