Vulnerability Details CVE-2007-1426
The web interface in AstroCam 2.0.0 through 2.6.5 allows remote attackers to cause a denial of service (daemon shutdown) via requests that contain a large amount of data in the "a" variable, which "fills up the message queue."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.9%
CVSS Severity
CVSS v2 Score 7.8
References
- http://astrocam.svn.sourceforge.net/viewvc/astrocam/BUGS?view=markup
- http://secunia.com/advisories/24480
- http://sourceforge.net/project/shownotes.php?group_id=85523&release_id=492572
- http://www.osvdb.org/32868
- http://www.securityfocus.com/bid/22924
- http://www.vupen.com/english/advisories/2007/0901
- http://astrocam.svn.sourceforge.net/viewvc/astrocam/BUGS?view=markup
- http://secunia.com/advisories/24480
- http://sourceforge.net/project/shownotes.php?group_id=85523&release_id=492572
- http://www.osvdb.org/32868
- http://www.securityfocus.com/bid/22924
- http://www.vupen.com/english/advisories/2007/0901
Products affected by CVE-2007-1426
-
cpe:2.3:a:astrocam:astrocam:2.6.0
-
cpe:2.3:a:astrocam:astrocam:2.6.1
-
cpe:2.3:a:astrocam:astrocam:2.6.2
-
cpe:2.3:a:astrocam:astrocam:2.6.3
-
cpe:2.3:a:astrocam:astrocam:2.6.4
-
cpe:2.3:a:astrocam:astrocam:2.6.5