Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2006-1269HistoryMar 19, 2006 - 2:02 a.m.
CVE-2006-1269
2006-03-1902:02:00
Debian Security Bug Tracker
security-tracker.debian.org
13
EPSS
0
Percentile
0.4%
Buffer overflow in the parse function in parse.c in zoo 2.10 might allow local users to execute arbitrary code via long filename command line arguments, which are not properly handled during archive creation. NOTE: since this issue is local and not setuid, the set of attack scenarios is limited, although is reasonable to expect that there are some situations in which the zoo user might automatically list attacker-controlled filenames to add to the zoo archive.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | zoo | < 2.10-28 | zoo_2.10-28_all.deb |
Related
gentoo
gentoo
zoo: Buffer overflow
2006-03-16 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200603-12 (zoo)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200603-12 (zoo)
2008-09-24 00:00:00
zdt
zdt
Zoo 2.10 - Parse.c Local Buffer Overflow Vulnerability
2014-03-12 00:00:00
nessus
nessus
GLSA-200603-12 : zoo: Buffer overflow
2006-03-16 00:00:00
cve
cve
CVE-2006-1269
2006-03-19 02:02:00
prion
prion
Buffer overflow
2006-03-19 02:02:00
ubuntucve
ubuntucve
CVE-2006-1269
2006-03-19 00:00:00
cvelist
cvelist
CVE-2006-1269
2006-03-19 02:00:00
exploitdb
exploitdb
Zoo 2.10 - Parse.c Local Buffer Overflow
2006-03-16 00:00:00
nvd
nvd
CVE-2006-1269
2006-03-19 02:02:00