Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2008-0646
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
The bdecode_recursive function in include/libtorrent/bencode.hpp in Rasterbar Software libtorrent before 0.12.1, as used in Deluge before 0.5.8.3 and other products, allows context-dependent attackers to cause a denial of service (stack exhaustion and crash) via a crafted bencoded message..
CVSSv2.0 Score
- Severity
- High
- Base Score
- 7.8/10
- Exploit Score
- 10/10
- Access Vector
- Network
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 6.9/10
- Confidentiality Impact
- None
- Availability Impact
- Complete
- Integrity Impact
- None
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:deluge_team:deluge:*:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:rasterbar_software:libtorrent:*:*:*:*:*:*:*:* |
Yes
|
- | - |
References
- http://deluge-torrent.org/Changelog.php
- http://libtorrent.svn.sourceforge.net/viewvc/libtorrent/branches/RC_0_12/include/libtorr
- http://libtorrent.svn.sourceforge.net/viewvc/libtorrent/branches/RC_0_12/include/libtorr
- http://libtorrent.svn.sourceforge.net/viewvc/libtorrent/branches/RC_0_13/include/libtorr
- http://libtorrent.svn.sourceforge.net/viewvc/libtorrent/trunk/include/libtorrent/bencode
- http://www.securityfocus.com/bid/27597
- http://secunia.com/advisories/28699
- http://secunia.com/advisories/28781
- http://secunia.com/advisories/28782
- https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00001.html
- http://secunia.com/advisories/28700
- http://www.vupen.com/english/advisories/2008/0384
- http://www.vupen.com/english/advisories/2008/0383