Vulnerability Description
The web interface in AstroCam 2.0.0 through 2.6.5 allows remote attackers to cause a denial of service (daemon shutdown) via requests that contain a large amount of data in the "a" variable, which "fills up the message queue."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Astrocam | Astrocam | 2.6.0 |
Related Weaknesses (CWE)
References
- http://astrocam.svn.sourceforge.net/viewvc/astrocam/BUGS?view=markup
- http://secunia.com/advisories/24480 (Vendor Advisory)
- http://sourceforge.net/project/shownotes.php?group_id=85523&release_id=492572
- http://www.osvdb.org/32868
- http://www.securityfocus.com/bid/22924
- http://www.vupen.com/english/advisories/2007/0901
FAQ
What is CVE-2007-1426?
CVE-2007-1426 is a vulnerability with a CVSS score of 7.8 (HIGH). The web interface in AstroCam 2.0.0 through 2.6.5 allows remote attackers to cause a denial of service (daemon shutdown) via requests that contain a large amount of data in the "a" variable, which "fi...
How severe is CVE-2007-1426?
CVE-2007-1426 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2007-1426?
Check the references section above for vendor advisories and patch information. Affected products include: Astrocam Astrocam.