Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0855

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-0855
Last Modified 01 Aug 2011 12:00:00
Published 23 Feb 2006 04:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-0855

Summary

Stack-based buffer overflow in the fullpath function in misc.c for zoo 2.10 and earlier, as used in products such as Barracuda Spam Firewall, allows user-assisted attackers to execute arbitrary code via a crafted ZOO file that causes the combine function to return a longer string than expected.

Vulnerable Systems

Application

  • Rahul Dhesi Zoo 2.10


References

GENTOO - GLSA-200603-05

DEBIAN - DSA-991

SECTRACK - 1015866

SECUNIA - 19514

SECUNIA - 19166

XF - zoo-misc-bo(24904)

VUPEN - ADV-2006-1220

VUPEN - ADV-2006-0705

BID - 16790

BUGTRAQ - 20060223 zoo contains exploitable buffer overflows

SUSE - SUSE-SR:2006:006

SUSE - SUSE-SR:2006:005

MISC - http://www.guay-leroux.com/projects/zoo-advisory.txt

MISC - http://www.guay-leroux.com/projects/barracuda-advisory-ZOO.txt

SECTRACK - 1015668

SREASON - 546

SECUNIA - 19408

SECUNIA - 19148

SECUNIA - 19130

SECUNIA - 19002

BUGTRAQ - 20060403 Barracuda ZOO archiver security bug leads to remote compromise


Last Updated: 27 May 2016 10:41:49