Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 6.4
CVE Id CVE-2006-1827
Last Modified 07 Mar 2011 09:34:22
Published 18 Apr 2006 04:02:00
Confidentiality Impact NONE
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1827

Summary

Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length.

Vulnerable Systems

Application

  • Digium Asterisk 0.1.0

  • Digium Asterisk 0.1.1

  • Digium Asterisk 0.1.10

  • Digium Asterisk 0.1.11

  • Digium Asterisk 0.1.12

  • Digium Asterisk 0.1.2

  • Digium Asterisk 0.1.3

  • Digium Asterisk 0.1.4

  • Digium Asterisk 0.1.5

  • Digium Asterisk 0.1.6

  • Digium Asterisk 0.1.7

  • Digium Asterisk 0.1.8

  • Digium Asterisk 0.1.9

  • Digium Asterisk 0.1.9.1

  • Digium Asterisk 0.2

  • Digium Asterisk 0.2.0

  • Digium Asterisk 0.3

  • Digium Asterisk 0.3.0

  • Digium Asterisk 0.4

  • Digium Asterisk 0.4.0

  • Digium Asterisk 0.5.0

  • Digium Asterisk 0.7.0

  • Digium Asterisk 0.7.1

  • Digium Asterisk 0.7.2

  • Digium Asterisk 1.0 Rc1

  • Digium Asterisk 1.0 Rc2

  • Digium Asterisk 1.0.0

  • Digium Asterisk 1.0.1

  • Digium Asterisk 1.0.2

  • Digium Asterisk 1.0.3

  • Digium Asterisk 1.0.4

  • Digium Asterisk 1.0.5

  • Digium Asterisk 1.0.6

  • Digium Asterisk 1.0.7

  • Digium Asterisk 1.0.8

  • Digium Asterisk 1.0.9

  • Digium Asterisk 1.2.0 Beta1

  • Digium Asterisk 1.2.6


References

MISC - http://www.cipher.org.uk/index.php?p=advisories/Asterisk_Codec_Integer_Overflow_07-04-2006.advisory

CONFIRM - http://ftp.digium.com/pub/asterisk/releases/asterisk-1.2.7-patch.gz

VUPEN - ADV-2006-1478

BID - 17561

SUSE - SUSE-SR:2006:009

DEBIAN - DSA-1048

SECUNIA - 19897

SECUNIA - 19872

SECUNIA - 19800


Last Updated: 27 May 2016 10:42:14