CVE-2008-1227

EUVD-2008-1236
Stack-based buffer overflow in the silc_fingerprint function in lib/silcutil/silcutil.c in Secure Internet Live Conferencing (SILC) Toolkit 1.1.5, and unspecified earlier versions, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via long input data.  NOTE: some of these details are obtained from third party information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
Affected Products (NVD)
VendorProductVersion
silcsilc_toolkit
𝑥
≤ 1.1.5
silcsilc_toolkit
1.1
silcsilc_toolkit
1.1.1
silcsilc_toolkit
1.1.2
silcsilc_toolkit
1.1.3
silcsilc_toolkit
1.1.4
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
silc-toolkit
dapper
ignored
edgy
ignored
feisty
ignored
gutsy
ignored
hardy
Fixed 1.1.5-1ubuntu1
released
intrepid
Fixed 1.1.5-1ubuntu1
released
jaunty
Fixed 1.1.5-1ubuntu1
released
karmic
Fixed 1.1.5-1ubuntu1
released
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html
http://secunia.com/advisories/29174
http://secunia.com/advisories/29323
http://secunia.com/advisories/29946
http://security.gentoo.org/glsa/glsa-200804-27.xml
http://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.6
http://www.mandriva.com/security/advisories?name=MDVSA-2008:158
http://www.securityfocus.com/bid/28101
http://www.vupen.com/english/advisories/2008/0769
https://bugzilla.redhat.com/show_bug.cgi?id=372021
https://exchange.xforce.ibmcloud.com/vulnerabilities/41012
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html
http://secunia.com/advisories/29174
http://secunia.com/advisories/29323
http://secunia.com/advisories/29946
http://security.gentoo.org/glsa/glsa-200804-27.xml
http://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.6
http://www.mandriva.com/security/advisories?name=MDVSA-2008:158
http://www.securityfocus.com/bid/28101
http://www.vupen.com/english/advisories/2008/0769
https://bugzilla.redhat.com/show_bug.cgi?id=372021
https://exchange.xforce.ibmcloud.com/vulnerabilities/41012