 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2006-1269 |
| Description: | Buffer overflow in the parse function in parse.c in zoo 2.10 might allow local users to execute arbitrary code via long filename command line arguments, which are not properly handled during archive creation. NOTE: since this issue is local and not setuid, the set of attack scenarios is limited, although is reasonable to expect that there are some situations in which the zoo user might automatically list attacker-controlled filenames to add to the zoo archive. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.56420 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2006-1269 BugTraq ID: 17126 http://www.securityfocus.com/bid/17126 http://www.gentoo.org/security/en/glsa/glsa-200603-12.xml https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183426 http://secunia.com/advisories/19250 http://secunia.com/advisories/19254 http://www.vupen.com/english/advisories/2006/0969 XForce ISS Database: zoo-parse-bo(25264) https://exchange.xforce.ibmcloud.com/vulnerabilities/25264 |