CVE-2006-1148
PeerCast <0.1217 - RCE
Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp.
Exploits (5)
exploitdb
WORKING POC
VERIFIED
by Metasploit · ruby · remote · windows_x86
https://www.exploit-db.com/exploits/16786
exploitdb
WORKING POC
VERIFIED
by Metasploit · ruby · remote · linux
https://www.exploit-db.com/exploits/16855
metasploit
WORKING POC
NORMAL
by hdm · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/peercast_url.rb
metasploit
WORKING POC
NORMAL
by MC · ruby · poc · linux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/peercast_url.rb
References (10)
Scores
EPSS
0.8413
EPSS Percentile
99.3%
Details
CWE
CWE-119
Status
published
Products (3)
peercast/peercast
0.1211
peercast/peercast
0.1212
peercast/peercast
< 0.1215
Published
Mar 10, 2006
Tracked Since
Feb 18, 2026