Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3251

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-3251
Last Modified 17 Oct 2011 12:00:00
Published 27 Jun 2006 02:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3251

Summary

Heap-based buffer overflow in the array_push function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries.

Vulnerable Systems

Application

  • Hashcash 1.00

  • Hashcash 1.01

  • Hashcash 1.02

  • Hashcash 1.03

  • Hashcash 1.04

  • Hashcash 1.05

  • Hashcash 1.06

  • Hashcash 1.07

  • Hashcash 1.08

  • Hashcash 1.09

  • Hashcash 1.10

  • Hashcash 1.11

  • Hashcash 1.12

  • Hashcash 1.13

  • Hashcash 1.14

  • Hashcash 1.15

  • Hashcash 1.16

  • Hashcash 1.17

  • Hashcash 1.18

  • Hashcash 1.19

  • Hashcash 1.20


References

BID - 18659

XF - hashcash-arraypush-bo(27422)

VUPEN - ADV-2006-2551

CONFIRM - http://www.hashcash.org/source/CHANGELOG

GENTOO - GLSA-200606-25

DEBIAN - DSA-1114

SECUNIA - 21146

SECUNIA - 20846

SECUNIA - 20800


Last Updated: 27 May 2016 10:42:56