Unrated severityNVD Advisory· Published Sep 10, 2009· Updated Apr 23, 2026
CVE-2008-7160
CVE-2008-7160
Description
The silc_http_server_parse function in lib/silchttp/silchttpserver.c in the internal HTTP server in silcd in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.9 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted Content-Length header, related to incorrect use of a %lu format string.
Affected products
8cpe:2.3:a:silcnet:silc_toolkit:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:silcnet:silc_toolkit:*:*:*:*:*:*:*:*range: <=1.1.8
- cpe:2.3:a:silcnet:silc_toolkit:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_toolkit:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_toolkit:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_toolkit:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_toolkit:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_toolkit:1.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:silcnet:silc_toolkit:1.1.6:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- silcnet.org/docs/changelog/SILC%20Toolkit%201.1.9nvdPatchVendor Advisory
- silcnet.org/general/news/news_toolkit.phpnvdPatchVendor Advisory
- www.debian.org/security/2009/dsa-1879nvdPatch
- www.securityfocus.com/bid/36194nvdPatch
- secunia.com/advisories/36614nvdVendor Advisory
- secunia.com/advisories/36625nvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.htmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2009/08/31/5nvd
- www.openwall.com/lists/oss-security/2009/09/03/5nvd
News mentions
0No linked articles in our index yet.