Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4575

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-4575
Last Modified 10 Feb 2009 01:55:39
Published 15 Oct 2008 04:07:42
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4575

Summary

Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to "a bunch of potential string overflows."

Vulnerable Systems

Application

  • Sentex Jhead 1.2

  • Sentex Jhead 1.3

  • Sentex Jhead 1.4

  • Sentex Jhead 1.5

  • Sentex Jhead 1.6

  • Sentex Jhead 1.7

  • Sentex Jhead 1.8

  • Sentex Jhead 1.9

  • Sentex Jhead 2.0

  • Sentex Jhead 2.1

  • Sentex Jhead 2.2

  • Sentex Jhead 2.3

  • Sentex Jhead 2.4

  • Sentex Jhead 2.4-1

  • Sentex Jhead 2.4-2

  • Sentex Jhead 2.5

  • Sentex Jhead 2.6

  • Sentex Jhead 2.7

  • Sentex Jhead 2.8

  • Sentex Jhead 2.82


References

BID - 31770

FEDORA - FEDORA-2008-8941

FEDORA - FEDORA-2008-8928

CONFIRM - https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020

CONFIRM - http://www.sentex.net/~mwandel/jhead/changes.txt

MLIST - [oss-security] 20081015 Re: CVE request: jhead

SECUNIA - 32363


Last Updated: 27 May 2016 10:48:32