CVE-2006-2362
Jesus Olmos Gonzalez discovered a buffer overflow in the Tektronix Hex Format (TekHex) backend of the BFD library, such as used by the 'strings' utility. By tricking an user or automated system into processing a specially crafted file with 'strings' or a vulnerable third-party application using the BFD library, this could be exploited to crash the application, or possibly even execute arbitrary code with the privileges of the user.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
{"id": "UBUNTU_USN-292-1.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Ubuntu 5.04 / 5.10 / 6.06 LTS : binutils vulnerability (USN-292-1)", "description": "CVE-2006-2362\n\nJesus Olmos Gonzalez discovered a buffer overflow in the Tektronix Hex Format (TekHex) backend of the BFD library, such as used by the 'strings' utility. By tricking an user or automated system into processing a specially crafted file with 'strings' or a vulnerable third-party application using the BFD library, this could be exploited to crash the application, or possibly even execute arbitrary code with the privileges of the user.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2007-11-10T00:00:00", "modified": "2021-01-19T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/27864", "reporter": "Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2362", "https://usn.ubuntu.com/292-1/"], "cvelist": ["CVE-2006-2362"], "immutableFields": [], "lastseen": "2023-05-18T15:02:29", "viewCount": 12, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2006-2362"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2006-2362"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231065193", "OPENVAS:65193"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:12861"]}, {"type": "ubuntu", "idList": ["USN-292-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2006-2362"]}], "rev": 4}, "score": {"value": 7.6, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2006-2362"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2006-2362"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231065193"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:12861"]}, {"type": "ubuntu", "idList": ["USN-292-1"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2006-2362", "epss": 0.00925, "percentile": 0.80675, "modified": "2023-05-06"}], "vulnersScore": 7.6}, "_state": {"dependencies": 1684426120, "score": 1684422880, "epss": 0}, "_internal": {"score_hash": "7f3de48439bf0ba8213b2392add01dc8"}, "pluginID": "27864", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-292-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27864);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2006-2362\");\n script_xref(name:\"USN\", value:\"292-1\");\n\n script_name(english:\"Ubuntu 5.04 / 5.10 / 6.06 LTS : binutils vulnerability (USN-292-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2006-2362\n\nJesus Olmos Gonzalez discovered a buffer overflow in the Tektronix Hex\nFormat (TekHex) backend of the BFD library, such as used by the\n'strings' utility. By tricking an user or automated system into\nprocessing a specially crafted file with 'strings' or a vulnerable\nthird-party application using the BFD library, this could be exploited\nto crash the application, or possibly even execute arbitrary code with\nthe privileges of the user.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/292-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:binutils-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:binutils-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:binutils-multiarch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:binutils-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(5\\.04|5\\.10|6\\.06)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 5.04 / 5.10 / 6.06\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"5.04\", pkgname:\"binutils\", pkgver:\"2.15-5ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"binutils-dev\", pkgver:\"2.15-5ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"binutils-doc\", pkgver:\"2.15-5ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"binutils-multiarch\", pkgver:\"2.15-5ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"binutils\", pkgver:\"2.16.1-2ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"binutils-dev\", pkgver:\"2.16.1-2ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"binutils-doc\", pkgver:\"2.16.1-2ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"binutils-multiarch\", pkgver:\"2.16.1-2ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"binutils-static\", pkgver:\"2.16.1-2ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"binutils\", pkgver:\"2.16.1cvs20060117-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"binutils-dev\", pkgver:\"2.16.1cvs20060117-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"binutils-doc\", pkgver:\"2.16.1cvs20060117-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"binutils-multiarch\", pkgver:\"2.16.1cvs20060117-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"binutils-static\", pkgver:\"2.16.1cvs20060117-1ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"binutils / binutils-dev / binutils-doc / binutils-multiarch / etc\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:binutils", "p-cpe:/a:canonical:ubuntu_linux:binutils-dev", "p-cpe:/a:canonical:ubuntu_linux:binutils-doc", "p-cpe:/a:canonical:ubuntu_linux:binutils-multiarch", "p-cpe:/a:canonical:ubuntu_linux:binutils-static", "cpe:/o:canonical:ubuntu_linux:5.04", "cpe:/o:canonical:ubuntu_linux:5.10", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "", "vendor_cvss2": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "vendor_cvss3": {"score": null, "vector": null}, "vpr": {"risk factor": "Medium", "score": "6.3"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2006-06-09T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": []}
{"debiancve": [{"lastseen": "2023-10-01T12:03:35", "description": "Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character.", "cvss3": {}, "published": "2006-05-15T16:06:00", "type": "debiancve", "title": "CVE-2006-2362", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-2362"], "modified": "2006-05-15T16:06:00", "id": "DEBIANCVE:CVE-2006-2362", "href": "https://security-tracker.debian.org/tracker/CVE-2006-2362", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2023-08-03T09:50:25", "description": "Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation\nGNU Binutils before 20060423, as used by GNU strings, allows\ncontext-dependent attackers to cause a denial of service (application\ncrash) and possibly execute arbitrary code via a file with a crafted\nTektronix Hex Format (TekHex) record in which the length character is not a\nvalid hexadecimal character.", "cvss3": {}, "published": "2006-05-15T00:00:00", "type": "ubuntucve", "title": "CVE-2006-2362", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-2362"], "modified": "2006-05-15T00:00:00", "id": "UB:CVE-2006-2362", "href": "https://ubuntu.com/security/CVE-2006-2362", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2017-07-26T08:55:55", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n binutils\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5013040 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for binutils", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-2362"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65193", "href": "http://plugins.openvas.org/nasl.php?oid=65193", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5013040.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for binutils\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n binutils\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5013040 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65193);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2006-2362\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for binutils\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"binutils\", rpm:\"binutils~2.15.90.0.1.1~32.17\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:22", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n binutils\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5013040 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for binutils", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-2362"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065193", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065193", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5013040.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for binutils\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n binutils\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5013040 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65193\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2006-2362\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for binutils\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"binutils\", rpm:\"binutils~2.15.90.0.1.1~32.17\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2023-10-03T07:19:27", "description": "Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character.", "cvss3": {}, "published": "2006-05-15T16:06:00", "type": "cve", "title": "CVE-2006-2362", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-2362"], "modified": "2020-01-29T19:35:00", "cpe": [], "id": "CVE-2006-2362", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2362", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}], "ubuntu": [{"lastseen": "2023-09-01T12:00:07", "description": "## Releases\n\n * Ubuntu 6.06 \n * Ubuntu 5.10 \n * Ubuntu 5.04 \n\nCVE-2006-2362\n\nJesus Olmos Gonzalez discovered a buffer overflow in the Tektronix Hex \nFormat (TekHex) backend of the BFD library, such as used by the \n'strings' utility. By tricking an user or automated system into \nprocessing a specially crafted file with 'strings' or a vulnerable \nthird-party application using the BFD library, this could be exploited \nto crash the application, or possibly even execute arbitrary code with \nthe privileges of the user.\n", "cvss3": {}, "published": "2006-06-09T00:00:00", "type": "ubuntu", "title": "binutils vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2006-2362"], "modified": "2006-06-09T00:00:00", "id": "USN-292-1", "href": "https://ubuntu.com/security/notices/USN-292-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:17", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n________________________________________________________________________\r\n\r\nOpenPKG Security Advisory The OpenPKG Project\r\nhttp://www.openpkg.org/security/ http://www.openpkg.org\r\nopenpkg-security@openpkg.org openpkg@openpkg.org\r\nOpenPKG-SA-2006.009 26-May-2006\r\n________________________________________________________________________\r\n\r\nPackage: binutils\r\nVulnerability: arbitrary code execution\r\nOpenPKG Specific: no\r\n\r\nAffected Releases: Affected Packages: Corrected Packages:\r\nOpenPKG CURRENT <= binutils-2.16.1-20060101 >= binutils-2.16.1-20060526\r\nOpenPKG 2.5 <= binutils-2.16.1-2.5.0 >= binutils-2.16.1-2.5.1\r\nOpenPKG 2.4 <= binutils-2.16.1-2.4.0 >= binutils-2.16.1-2.4.1\r\n\r\nDescription:\r\n According to a vendor bug report [0], a buffer overflow in "libbfd"\r\n of GNU Binutils [1], as used by GNU strings, allows context-dependent\r\n attackers to cause a denial of service (application crash) and\r\n possibly execute arbitrary code via a file with a crafted Tektronix\r\n Hex Format (TekHex) record in which the length character is not a\r\n valid hexadecimal character. The Common Vulnerabilities and Exposures\r\n (CVE) project assigned the id CVE-2006-2362 [2] to the problem.\r\n________________________________________________________________________\r\n\r\nReferences:\r\n [0] http://sourceware.org/bugzilla/show_bug.cgi?id=2584\r\n [1] http://www.gnu.org/software/binutils/\r\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2362\r\n________________________________________________________________________\r\n\r\nFor security reasons, this advisory was digitally signed with the\r\nOpenPGP public key "OpenPKG <openpkg@openpkg.org>" (ID 63C4CB9F) of the\r\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\r\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\r\nfor details on how to verify the integrity of this advisory.\r\n________________________________________________________________________\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nComment: OpenPKG <openpkg@openpkg.org>\r\n\r\niD8DBQFEd1UcgHWT4GPEy58RAqN4AKD4ww1I7wJlqEZVF6TQ+GxYQdKo7QCgsnNF\r\nNX4hcKKJVay/XQl2eA2HNec=\r\n=5B6y\r\n-----END PGP SIGNATURE-----", "cvss3": {}, "published": "2006-05-27T00:00:00", "type": "securityvulns", "title": "[OpenPKG-SA-2006.009] OpenPKG Security Advisory (binutils)", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2006-2362"], "modified": "2006-05-27T00:00:00", "id": "SECURITYVULNS:DOC:12861", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:12861", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
Ubuntu 5.04 / 5.10 / 6.06 LTS : binutils vulnerability (USN-292-1)
