Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL dereference when malloc fails.
Vector
NETWORK
Complexity
LOW
Authentication
NONE
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL
| Advisory | Patch | Confirmed | Link |
|---|---|---|---|
| steamcast-contentlength-dos(39927) | |||
| http://aluigi.altervista.org/adv/steamcazz-adv.txt |