[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108741

 
 

909

 
 

85467

 
 

134

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2005-4268Date: (C)2005-12-15   (M)2018-06-11


Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 3.7
Exploit Score: Exploit Score: 1.9
Impact Score: Impact Score: 6.4
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: LOCAL
Attack Complexity: Access Complexity: HIGH
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: PARTIAL
Scope: Integrity: PARTIAL
Confidentiality: Availability: PARTIAL
Integrity:  
Availability:  
  
Reference:
BID-16057
SECUNIA-18251
SECUNIA-18278
SECUNIA-18280
SECUNIA-18395
SECUNIA-20117
OSVDB-22194
SECUNIA-25098
SECUNIA-25161
FreeBSD-SA-06:03
MDKSA-2005:237
RHSA-2007:0245
RHSA-2010:0145
SUSE-SR:2006:010
USN-234-1
cpio-file-size-bo(23855)
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172669
https://issues.rpath.com/browse/RPL-1338

CWE    1
CWE-119
OVAL    3
oval:org.secpod.oval:def:200164
oval:org.secpod.oval:def:200188
oval:org.secpod.oval:def:500352

© SecPod Technologies