CVE Vulnerabilities

CVE-2008-2654

Published: Jun 13, 2008 | Modified: Aug 08, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Off-by-one error in the read_client function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some combinations of processor architecture and compiler.

Affected Software

Name Vendor Start Version End Version
Motion Lavrsen 3.1.20 3.1.20
Motion Lavrsen 3.2.5 3.2.5
Motion Lavrsen 3.2.1 3.2.1
Motion Lavrsen 3.2.9 3.2.9
Motion Lavrsen 3.2.6 3.2.6
Motion Lavrsen 3.1.19 3.1.19
Motion Lavrsen 3.2.4 3.2.4
Motion Lavrsen 3.1.18 3.1.18
Motion Lavrsen * 3.2.10
Motion Lavrsen 3.2.7 3.2.7
Motion Lavrsen 3.2.2 3.2.2
Motion Lavrsen 3.1.17 3.1.17
Motion Lavrsen 3.2.3 3.2.3
Motion Lavrsen 3.2.8 3.2.8

References