[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

87888

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2006-0855Date: (C)2006-02-23   (M)2018-02-19


Stack-based buffer overflow in the fullpath function in misc.c for zoo 2.10 and earlier, as used in products such as Barracuda Spam Firewall, allows user-assisted attackers to execute arbitrary code via a crafted ZOO file that causes the combine function to return a longer string than expected.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.1
Exploit Score: 4.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1015668
SECTRACK-1015866
BID-16790
SECUNIA-19002
SECUNIA-19130
SECUNIA-19148
SECUNIA-19166
SECUNIA-19408
SECUNIA-19514
http://www.securityfocus.com/archive/1/archive/1/425887/100/0/threaded
http://archives.neohapsis.com/archives/bugtraq/2006-04/0061.html
SREASON-546
ADV-2006-0705
ADV-2006-1220
DSA-991
GLSA-200603-05
SUSE-SR:2006:005
SUSE-SR:2006:006
http://www.guay-leroux.com/projects/barracuda-advisory-ZOO.txt
http://www.guay-leroux.com/projects/zoo-advisory.txt
zoo-misc-bo(24904)

CWE    1
CWE-119

© SecPod Technologies