Upstream information
Description
The silc_http_server_parse function in lib/silchttp/silchttpserver.c in the internal HTTP server in silcd in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.9 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted Content-Length header, related to incorrect use of a %lu format string.NVD CVSS v2 Base Score: 5.8 (AV:N/AC:M/Au:N/C:N/I:P/A:P)
Novell/SUSE information
Novell Bugzilla entry: 535841 SUSE Security Advisories:- SUSE-SR:2009:016, published Tue, 13 Oct 2009 14:00:00 +0000
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| openSUSE 10.3 |
|