Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2161

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-2161
Last Modified 07 Mar 2011 09:35:27
Published 09 May 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-2161

Summary

Buffer overflow in (1) TZipBuilder 1.79.03.01, (2) Abakt 0.9.2 and 0.9.3-beta1, (3) CAM UnZip 4.0 and 4.3, and possibly other products, allows user-assisted attackers to execute arbitrary code via a ZIP archive that contains a file with a long file name.

Vulnerable Systems

Application

  • Cam Development Cam Unzip 4.0

  • Cam Development Cam Unzip 4.3

  • Erik Dienske Abakt 0.9.2

  • Erik Dienske Abakt 0.9.3 Beta1

  • Roger Aelbrecht Tzipbuilder 1.79.03.01


References

XF - camunzip-archive-bo(26549)

XF - abakt-zip-bo(26435)

BID - 17880

BUGTRAQ - 20060519 Secunia Research: CAM UnZip ZIP File Handling Buffer OverflowVulnerability

BUGTRAQ - 20060515 Secunia Research: Abakt ZIP File Handling Buffer OverflowVulnerability

BUGTRAQ - 20060508 Secunia Research: TZipBuilder ZIP File Handling Buffer OverflowVulnerability

SECTRACK - 1016107

SECTRACK - 1016064

MISC - http://secunia.com/secunia_research/2006-34/advisory/

MISC - http://secunia.com/secunia_research/2006-31/advisory/

SECUNIA - 20068

SECUNIA - 19946

SECUNIA - 19945

FULLDISC - 20060515 Secunia Research: Abakt ZIP File Handling Buffer

CONFIRM - http://www.xs4all.nl/~edienske/abakt/releases.html#0.9.3-RC1

VUPEN - ADV-2006-1865

VUPEN - ADV-2006-1805

VUPEN - ADV-2006-1687

MISC - http://secunia.com/secunia_research/2006-26/advisory

XF - tzipbuilder-zip-bo(26275)

SREASON - 853


Last Updated: 27 May 2016 10:42:22