Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2006-1168HistoryAug 14, 2006 - 8:04 p.m.
CVE-2006-1168
2006-08-1420:04:00
Debian Security Bug Tracker
security-tracker.debian.org
12
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.103 Low
EPSS
Percentile
95.0%
The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | ncompress | < 4.2.4-16 | ncompress_4.2.4-16_all.deb |
| Debian | 11 | all | ncompress | < 4.2.4-16 | ncompress_4.2.4-16_all.deb |
| Debian | 999 | all | ncompress | < 4.2.4-16 | ncompress_4.2.4-16_all.deb |
| Debian | 13 | all | ncompress | < 4.2.4-16 | ncompress_4.2.4-16_all.deb |
Related
centos
centos
ncompress security update
2006-09-13 01:52:24
ncompress security update
2006-09-12 19:02:58
busybox security update
2012-07-10 17:22:13
prion
prion
cvelist
cvelist
openvas
openvas
Debian: Security Advisory (DSA-1149-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1149-1 (ncompress)
2008-01-17 00:00:00
SLES9: Security update for ncompress
2009-10-10 00:00:00
ubuntucve
ubuntucve
cve
cve
nessus
nessus
GLSA-200610-03 : ncompress: Buffer Underflow
2006-10-10 00:00:00
Mandrake Linux Security Advisory : ncompress (MDKSA-2006:140)
2006-12-16 00:00:00
RHEL 2.1 / 3 / 4 : ncompress (RHSA-2006:0663)
2006-09-14 00:00:00
gentoo
gentoo
ncompress: Buffer Underflow
2006-10-06 00:00:00
BusyBox: Multiple vulnerabilities
2013-12-03 00:00:00
redhat
redhat
(RHSA-2006:0663) ncompress security update
2006-09-12 00:00:00
(RHSA-2012:0308) Low: busybox security and bug fix update
2012-02-21 00:00:00
(RHSA-2012:0810) Low: busybox security and bug fix update
2012-06-20 00:00:00
oraclelinux
oraclelinux
Low ncompress security update
2006-11-30 00:00:00
busybox security and bug fix update
2012-06-27 00:00:00
busybox security and bug fix update
2012-03-01 00:00:00
securityvulns
securityvulns
[ MDKSA-2006:140 ] - Updated ncompress packages fix vulnerability
2006-08-10 00:00:00
nvd
nvd
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 08:52:23
Arbitrary Code Execution
2019-05-02 04:41:55
debian
debian
[SECURITY] [DSA 1149-1] New ncompress packages fix potential code execution
2006-08-10 05:33:16
amazon
amazon
Low: busybox
2012-07-05 16:23:00
debiancve
debiancve
CVE-2011-2895
2011-08-19 17:55:03
CVE-2011-2896
2011-08-19 17:55:03
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.103 Low
EPSS
Percentile
95.0%
Related for DEBIANCVE:CVE-2006-1168