CVE-2005-0478 - Vulnerability Details - OpenCVE

Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP request with a long User-Agent header or (2) a long argument to an arbitrary PHP script.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Trackercam	Trackercam

Configuration 1 [-]

cpe:2.3:a:trackercam:trackercam:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/archive/1/390918
http://www.securityfocus.com/bid/12592
https://exchange.xforce.ibmcloud.com/vulnerabilities/19409
https://exchange.xforce.ibmcloud.com/vulnerabilities/19411

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-02-19T05:00:00

Updated: 2024-08-07T21:13:54.267Z

Reserved: 2005-02-19T00:00:00

Link: CVE-2005-0478

Vulnrichment

No data.

NVD

Status : Modified

Published: 2005-03-30T05:00:00.000

Modified: 2024-11-20T23:55:13.643

Link: CVE-2005-0478

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-02-18T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP request with a long User-Agent header or (2) a long argument to an arbitrary PHP script."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "trackercam-useragent-bo(19409)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19409"}, {"name": "20050218 Multiple vulnerabilities in TrackerCam 5.12", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/390918"}, {"name": "trackercam-php-bo(19411)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19411"}, {"name": "12592", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/12592"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-0478", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP request with a long User-Agent header or (2) a long argument to an arbitrary PHP script."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "trackercam-useragent-bo(19409)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19409"}, {"name": "20050218 Multiple vulnerabilities in TrackerCam 5.12", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/390918"}, {"name": "trackercam-php-bo(19411)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19411"}, {"name": "12592", "refsource": "BID", "url": "http://www.securityfocus.com/bid/12592"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T21:13:54.267Z"}, "title": "CVE Program Container", "references": [{"name": "trackercam-useragent-bo(19409)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19409"}, {"name": "20050218 Multiple vulnerabilities in TrackerCam 5.12", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/390918"}, {"name": "trackercam-php-bo(19411)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19411"}, {"name": "12592", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/12592"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-0478", "datePublished": "2005-02-19T05:00:00", "dateReserved": "2005-02-19T00:00:00", "dateUpdated": "2024-08-07T21:13:54.267Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trackercam:trackercam:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DACB08F-805A-4240-9718-B5F028F4FF2E", "versionEndIncluding": "5.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP request with a long User-Agent header or (2) a long argument to an arbitrary PHP script."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en TrackerCam 5.12 y versiones anteriores, permite a atacantes remotos causar la Denegaci\u00f3n de Servicios (DoS) y posiblemente la ejecuci\u00f3n de c\u00f3digo arbitrario mediante:\r\n\r\nuna petici\u00f3n HTTP con una cabecera User-Agent larga,\r\nun argumento largo a un script PHP arbitrario"}], "id": "CVE-2005-0478", "lastModified": "2024-11-20T23:55:13.643", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-03-30T05:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.securityfocus.com/archive/1/390918"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/12592"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19409"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19411"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.securityfocus.com/archive/1/390918"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/12592"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19409"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19411"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}