Lucene search
Ubuntu.comUB:CVE-2006-3355HistoryJul 06, 2006 - 12:00 a.m.
CVE-2006-3355
2006-07-0600:00:00
ubuntu.com
ubuntu.com
9
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.109 Low
EPSS
Percentile
95.2%
Heap-based buffer overflow in httpdget.c in mpg123 before 0.59s-rll allows
remote attackers to execute arbitrary code via a long URL, which is not
properly terminated before being used with the strncpy function. NOTE:
This appears to be the result of an incomplete patch for CVE-2004-0982.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.10 | noarch | mpg123 | < 0.60-3 | UNKNOWN |
| ubuntu | 7.04 | noarch | mpg123 | < 0.60-3 | UNKNOWN |
| ubuntu | 7.10 | noarch | mpg123 | < 0.60-3 | UNKNOWN |
| ubuntu | 8.04 | noarch | mpg123 | < 0.60-3 | UNKNOWN |
| ubuntu | 8.10 | noarch | mpg123 | < 0.60-3 | UNKNOWN |
| ubuntu | 9.04 | noarch | mpg123 | < 0.60-3 | UNKNOWN |
| ubuntu | 9.10 | noarch | mpg123 | < 0.60-3 | UNKNOWN |
Related
nvd
nvd
CVE-2006-3355
2006-07-06 20:05:00
CVE-2004-0982
2005-02-09 05:00:00
debiancve
debiancve
CVE-2006-3355
2006-07-06 20:05:00
CVE-2004-0982
2005-02-09 05:00:00
cvelist
cvelist
CVE-2006-3355
2006-07-06 20:00:00
CVE-2004-0982
2004-11-19 05:00:00
cve
cve
CVE-2006-3355
2006-07-06 20:05:00
CVE-2004-0982
2005-02-09 05:00:00
freebsd
freebsd
mpg123 -- buffer overflow in URL handling
2004-10-02 00:00:00
gentoo
gentoo
mpg123: Buffer overflow vulnerabilities
2004-10-27 00:00:00
mpg123: Heap overflow
2006-07-03 00:00:00
openvas
openvas
FreeBSD Ports: mpg123, mpg123-nas, mpg123-esound
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200410-27 (mpg123)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-578-1)
2008-01-17 00:00:00
nessus
nessus
Debian DSA-578-1 : mpg123 - buffer overflow
2004-11-10 00:00:00
GLSA-200410-27 : mpg123: Buffer overflow vulnerabilities
2004-10-28 00:00:00
Mandrake Linux Security Advisory : mpg123 (MDKSA-2004:120)
2004-11-02 00:00:00
ubuntucve
ubuntucve
CVE-2004-0982
2005-02-09 00:00:00
debian
debian
[SECURITY] [DSA 578-1] New mpg123 packages fix arbitrary code execution
2004-11-01 13:33:16
[SECURITY] [DSA 578-1] New mpg123 packages fix arbitrary code execution
2004-11-01 13:33:16
osv
osv
mpg123 - buffer overflow
2004-11-01 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.109 Low
EPSS
Percentile
95.2%
Related for UB:CVE-2006-3355