Lucene search

[email protected]CVE-2006-6693

HistoryDec 21, 2006 - 9:28 p.m.

CVE-2006-6693

2006-12-2121:28:00

[email protected]

web.nvd.nist.gov

cve-2006-6693

buffer overflow

zabbix

denial of service

application crash

arbitrary code

vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.4%

JSON

Multiple buffer overflows in zabbix before 20061006 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via long strings to the (1) zabbix_log and (2) zabbix_syslog functions.

Affected configurations

NVD

Node

zabbixzabbixMatch1.1.2

CPENameOperatorVersion
zabbix:zabbixzabbixeq1.1.2

CPE	Name	Operator	Version
zabbix:zabbix	zabbix	eq	1.1.2

References

bugs.debian.org/cgi-bin/bugreport.cgi/zabbix.security.patch?bug=391388%3Bmsg=5%3Batt=1

bugs.debian.org/cgi-bin/bugreport.cgi?bug=391388

secunia.com/advisories/22313

www.securityfocus.com/bid/20416

www.vupen.com/english/advisories/2006/3959

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.4%

JSON

Related for CVE-2006-6693

ubuntucve1 cvelist1 debiancve1 nvd1