Lucene search

[email protected]CVE-2006-4611

HistorySep 07, 2006 - 12:04 a.m.

CVE-2006-4611

2006-09-0700:04:00

[email protected]

web.nvd.nist.gov

cve-2006-4611

buffer overflow

remote code execution

dsocks

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.236 Low

EPSS

Percentile

96.6%

JSON

Buffer overflow in the _tor_resolve function in dsocks.c in dsocks before 1.4 allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long node name.

Affected configurations

NVD

Node

dsocksdsocksRange≤1.3

CPENameOperatorVersion
dsocks:dsocksdsocksle1.3

CPE	Name	Operator	Version
dsocks:dsocks	dsocks	le	1.3

References

lists.grok.org.uk/pipermail/full-disclosure/2006-September/049258.html

secunia.com/advisories/21771

securityreason.com/securityalert/1493

www.monkey.org/~dugsong/dsocks/

www.securityfocus.com/archive/1/445200/100/0/threaded

www.securityfocus.com/bid/19852

www.vupen.com/english/advisories/2006/3526

exchange.xforce.ibmcloud.com/vulnerabilities/28762

www.exploit-db.com/exploits/2303

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.236 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2006-4611

nvd1 cvelist1