Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0806

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2012-0806
Last Modified 12 Dec 2013 11:56:34
Published 26 Jan 2012 07:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-0806

Summary

Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file descriptors.

Vulnerable Systems

Application

  • Duckcorp Bip 0.7.0

  • Duckcorp Bip 0.7.1

  • Duckcorp Bip 0.7.2

  • Duckcorp Bip 0.7.3

  • Duckcorp Bip 0.7.4

  • Duckcorp Bip 0.7.5

  • Duckcorp Bip 0.8.0

  • Duckcorp Bip 0.8.1

  • Duckcorp Bip 0.8.2

  • Duckcorp Bip 0.8.3

  • Duckcorp Bip 0.8.4

  • Duckcorp Bip 0.8.5

  • Duckcorp Bip 0.8.6

  • Duckcorp Bip 0.8.7

  • Duckcorp Bip 0.8.8


References

CONFIRM - https://projects.duckcorp.org/projects/bip/repository/revisions/222a33cb84a2e52ad55a88900b7895bf9dd0262c

CONFIRM - https://projects.duckcorp.org/issues/269

SECUNIA - 47679

MLIST - [oss-security] 20120124 CVE request: bip buffer overflow

MLIST - [oss-security] 20120124 Re: CVE request: bip buffer overflow

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657217

FEDORA - FEDORA-2012-0916

FEDORA - FEDORA-2012-0941

MANDRIVA - MDVSA-2013:063


Last Updated: 27 May 2016 10:56:27