Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3123

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-3123
Last Modified 07 Mar 2011 09:37:52
Published 07 Aug 2006 03:04:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-3123

Summary

Multiple integer overflows in the (1) dodecrypt and (2) doencrypt functions in cfs_fh.c in cfsd in Matt Blaze Cryptographic File System (CFS) 1.4.1 before Debian GNU/Linux package 1.4.1-17 allow local users to cause a denial of service (daemon crash) by appending data to a file that is larger than 2 Gb.

Vulnerable Systems

Application

  • Matt Blaze Cryptographic File System 1.4.1


References

DEBIAN - DSA-1138

VUPEN - ADV-2006-3157

BID - 19320

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=371076

XF - cfs-dodecrypt-dodencrypt-dos(28288)

SECUNIA - 21341

SECUNIA - 21310


Last Updated: 27 May 2016 10:42:54