[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

247085

 
 

909

 
 

194218

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-0855Date: (C)2006-02-23   (M)2023-12-22


Stack-based buffer overflow in the fullpath function in misc.c for zoo 2.10 and earlier, as used in products such as Barracuda Spam Firewall, allows user-assisted attackers to execute arbitrary code via a crafted ZOO file that causes the combine function to return a longer string than expected.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.1
Exploit Score: 4.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1015668
SECTRACK-1015866
BID-16790
SECUNIA-19002
SECUNIA-19130
SECUNIA-19148
SECUNIA-19166
SECUNIA-19408
SECUNIA-19514
http://www.securityfocus.com/archive/1/425887/100/0/threaded
http://archives.neohapsis.com/archives/bugtraq/2006-04/0061.html
SREASON-546
ADV-2006-0705
ADV-2006-1220
DSA-991
GLSA-200603-05
SUSE-SR:2006:005
SUSE-SR:2006:006
http://www.guay-leroux.com/projects/barracuda-advisory-ZOO.txt
http://www.guay-leroux.com/projects/zoo-advisory.txt
zoo-misc-bo(24904)

CWE    1
CWE-119

© SecPod Technologies