[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

87888

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2005-4268Date: (C)2005-12-15   (M)2018-06-11


Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 3.7
Exploit Score: 1.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
BID-16057
SECUNIA-18251
SECUNIA-18278
SECUNIA-18280
SECUNIA-18395
SECUNIA-20117
OSVDB-22194
SECUNIA-25098
SECUNIA-25161
FreeBSD-SA-06:03
MDKSA-2005:237
RHSA-2007:0245
RHSA-2010:0145
SUSE-SR:2006:010
USN-234-1
cpio-file-size-bo(23855)
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172669
https://issues.rpath.com/browse/RPL-1338

CWE    1
CWE-119
OVAL    3
oval:org.secpod.oval:def:200164
oval:org.secpod.oval:def:500352
oval:org.secpod.oval:def:200188

© SecPod Technologies