CVE-2006-0804

Off-by-one error in TIN 1.8.0 and earlier might allow attackers to execute arbitrary code via unknown vectors that trigger a buffer overflow.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/19130
http://security.gentoo.org/glsa/glsa-200611-18.xml
http://www.novell.com/linux/security/advisories/2006_05_sr.html
http://www.openpkg.org/security/OpenPKG-SA-2006.005-tin.html	Vendor Advisory
http://www.securityfocus.com/bid/16728
http://www.vupen.com/english/advisories/2006/0702
https://exchange.xforce.ibmcloud.com/vulnerabilities/24841

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:tin:tin:1.0_pl0:::::::*
	cpe:2.3:a:tin:tin:1.0_pl1:::::::*
	cpe:2.3:a:tin:tin:1.0_pl2:::::::*
	cpe:2.3:a:tin:tin:1.0_pl3:::::::*
	cpe:2.3:a:tin:tin:1.0_pl4:::::::*
	cpe:2.3:a:tin:tin:1.0_pl5:::::::*
	cpe:2.3:a:tin:tin:1.1_pl0:::::::*
	cpe:2.3:a:tin:tin:1.1_pl1:::::::*
	cpe:2.3:a:tin:tin:1.1_pl2:::::::*
	cpe:2.3:a:tin:tin:1.1_pl3:::::::*
	cpe:2.3:a:tin:tin:1.1_pl4:::::::*
	cpe:2.3:a:tin:tin:1.1_pl5:::::::*
	cpe:2.3:a:tin:tin:1.1_pl6:::::::*
	cpe:2.3:a:tin:tin:1.1_pl7:::::::*
	cpe:2.3:a:tin:tin:1.1_pl8:::::::*
	cpe:2.3:a:tin:tin:1.1_pl9:::::::*
	cpe:2.3:a:tin:tin:1.2_pl0:::::::*
	cpe:2.3:a:tin:tin:1.2_pl1:::::::*
	cpe:2.3:a:tin:tin:1.2_pl2:::::::*
	cpe:2.3:a:tin:tin:1.4.0:::::::*
	cpe:2.3:a:tin:tin:1.4.1:::::::*
	cpe:2.3:a:tin:tin:1.4.2:::::::*
	cpe:2.3:a:tin:tin:1.4.3:::::::*
	cpe:2.3:a:tin:tin:1.4.4:::::::*
	cpe:2.3:a:tin:tin:1.4.5:::::::*
	cpe:2.3:a:tin:tin:1.4.6:::::::*
	cpe:2.3:a:tin:tin:1.4.7:::::::*
	cpe:2.3:a:tin:tin:1.6.0:::::::*
	cpe:2.3:a:tin:tin:1.6.1:::::::*
	cpe:2.3:a:tin:tin:1.6.2:::::::*
	cpe:2.3:a:tin:tin:1.8.0:::::::*

History

No history.

Information

Published : 2006-02-21 01:02

Updated : 2017-07-20 01:30

NVD link : CVE-2006-0804

Mitre link : CVE-2006-0804

CVE.ORG link : CVE-2006-0804

JSON object : View

Products Affected

tin

tin

CWE

NVD-CWE-Other

{"id": "CVE-2006-0804", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-02-21T01:02:00.000", "references": [{"url": "http://secunia.com/advisories/19130", "source": "cve@mitre.org"}, {"url": "http://security.gentoo.org/glsa/glsa-200611-18.xml", "source": "cve@mitre.org"}, {"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html", "source": "cve@mitre.org"}, {"url": "http://www.openpkg.org/security/OpenPKG-SA-2006.005-tin.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/16728", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/0702", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24841", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Off-by-one error in TIN 1.8.0 and earlier might allow attackers to execute arbitrary code via unknown vectors that trigger a buffer overflow."}], "lastModified": "2017-07-20T01:30:05.270", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tin:tin:1.0_pl0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E6FA467-6A46-4513-9405-E778D46E3BE5"}, {"criteria": "cpe:2.3:a:tin:tin:1.0_pl1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B532821E-A6CF-4932-85E9-1F8E0BF7E696"}, {"criteria": "cpe:2.3:a:tin:tin:1.0_pl2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE2693D0-3F64-4BC0-9D56-0C99B1B1EC91"}, {"criteria": "cpe:2.3:a:tin:tin:1.0_pl3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDE0B836-3F96-48AB-94CB-4241FA21576B"}, {"criteria": "cpe:2.3:a:tin:tin:1.0_pl4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85F92DC4-7ACF-496B-BD2E-6679281219E9"}, {"criteria": "cpe:2.3:a:tin:tin:1.0_pl5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C077CED8-6D1E-4ECA-B8E3-7634078DE1C1"}, {"criteria": "cpe:2.3:a:tin:tin:1.1_pl0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27015BC4-E203-4603-80E1-4BA4C925A7F0"}, {"criteria": "cpe:2.3:a:tin:tin:1.1_pl1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90BB936C-C6A1-40A6-8F8D-1DC9A100E28E"}, {"criteria": "cpe:2.3:a:tin:tin:1.1_pl2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56E8C9CF-7F85-410E-AB45-8F3EDE68A005"}, {"criteria": "cpe:2.3:a:tin:tin:1.1_pl3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B0F1CB0-423D-4149-9C5E-4A8B5F5375E7"}, {"criteria": "cpe:2.3:a:tin:tin:1.1_pl4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49ADD7ED-1178-451F-B7DF-EE2D213ADE7A"}, {"criteria": "cpe:2.3:a:tin:tin:1.1_pl5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87618A74-D344-4FF4-9C75-9B24A647F1BE"}, {"criteria": "cpe:2.3:a:tin:tin:1.1_pl6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2CF6A3C-4312-49DD-A9F1-F5B55A18D87C"}, {"criteria": "cpe:2.3:a:tin:tin:1.1_pl7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E5D36C5-1113-48A4-A776-8F8FAC5B72A0"}, {"criteria": "cpe:2.3:a:tin:tin:1.1_pl8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33F64DB7-C275-4D33-AC2A-3FE215896481"}, {"criteria": "cpe:2.3:a:tin:tin:1.1_pl9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "770A3C2E-5EFC-4E23-8C36-69B653CC8436"}, {"criteria": "cpe:2.3:a:tin:tin:1.2_pl0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E059394C-1DA7-4BF8-B63A-87FBA2153433"}, {"criteria": "cpe:2.3:a:tin:tin:1.2_pl1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2C33A8E-505C-4FA5-86CB-A8938E1C94F7"}, {"criteria": "cpe:2.3:a:tin:tin:1.2_pl2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2BD5994-E360-4F5E-933E-6FC0617884F3"}, {"criteria": "cpe:2.3:a:tin:tin:1.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48120E15-6AC0-4DF0-B49D-86136AB120CC"}, {"criteria": "cpe:2.3:a:tin:tin:1.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D345E12-853B-4856-861E-9CD6F9345769"}, {"criteria": "cpe:2.3:a:tin:tin:1.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B7FC2D9-DFDB-4125-AF83-A0A1F9B432F9"}, {"criteria": "cpe:2.3:a:tin:tin:1.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F409406-2074-40B9-AD79-719B1B83B921"}, {"criteria": "cpe:2.3:a:tin:tin:1.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "097F27AC-AEE1-4F17-B47B-B09721214DD4"}, {"criteria": "cpe:2.3:a:tin:tin:1.4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67B00E77-9D85-42F5-BF7B-4A0567ED8892"}, {"criteria": "cpe:2.3:a:tin:tin:1.4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0ECAA463-5591-417E-ABB1-4B3590921C2C"}, {"criteria": "cpe:2.3:a:tin:tin:1.4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "149583BE-A335-481B-9D9E-2C86A1AE8313"}, {"criteria": "cpe:2.3:a:tin:tin:1.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1397B7B8-5D68-487C-B39E-081E622BFADA"}, {"criteria": "cpe:2.3:a:tin:tin:1.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32BF2B08-3BC8-4A11-9BC5-CE3229D111A5"}, {"criteria": "cpe:2.3:a:tin:tin:1.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "003A60D6-B60E-47F9-A968-996EF4B50D4B"}, {"criteria": "cpe:2.3:a:tin:tin:1.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E8E7324-DF17-49A0-B766-4260AAB9F365"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}