Vulnerability Name:

CVE-2005-1260 (CCN-20754)

Assigned:2005-02-15
Published:2005-02-15
Updated:2020-11-13
Summary:bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a. "decompression bomb").
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availability (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
Vulnerability Type:CWE-400
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-05:14.bzip2
bzip2 denial of service and permission race vulnerabilities

Source: SGI
Type: Broken Link
20060301-01-U

Source: MITRE
Type: CNA
CVE-2005-1260

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2005:972
bzip2 security fixes

Source: CCN
Type: Apple Web site
About the security content of Mac OS X 10.4.11 and Security Update 2007-008

Source: CONFIRM
Type: Broken Link
http://docs.info.apple.com/article.html?artnum=307041

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2007-11-14

Source: CCN
Type: RHSA-2005-474
bzip2 security update

Source: CCN
Type: bzip2 decompression bomb vulnerability
CESA-2005-002 - rev 3

Source: CCN
Type: SA15447
bzip2 Decompression Denial of Service Vulnerability

Source: SECUNIA
Type: Third Party Advisory
15447

Source: SECUNIA
Type: Third Party Advisory
19183

Source: CCN
Type: SA27274
Sun Solaris bzip2 Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
27274

Source: CCN
Type: SA27643
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
27643

Source: CCN
Type: bzip2 Web site
The bzip2 and libbzip2 official home page

Source: CCN
Type: Sun Alert ID: 103118
Two Security Vulnerabilities in the bzip2(1) Command may Allow the Permissions of Arbitrary Files to be Modified or Allow for Arbitrarily Large Files to be Created

Source: SUNALERT
Type: Broken Link
103118

Source: SUNALERT
Type: Broken Link
200191

Source: CCN
Type: ASA-2007-451
Two Security Vulnerabilities in the bzip2(1) Command may Allow the Permissions of Arbitrary Files to be Modified or Allow for Arbitrarily Large Files to be Created (Sun 103118)

Source: DEBIAN
Type: Third Party Advisory
DSA-741

Source: DEBIAN
Type: DSA-741
bzip2 -- infinite loop

Source: FEDORA
Type: Permissions Required
FLSA:158801

Source: CCN
Type: OpenPKG-SA-2005.008
bzip2

Source: CCN
Type: OpenPKG-SA-2005.010
OpenPKG

Source: REDHAT
Type: Third Party Advisory
RHSA-2005:474

Source: BID
Type: Third Party Advisory, VDB Entry
13657

Source: CCN
Type: BID-13657
bzip2 Remote Denial of Service Vulnerability

Source: BID
Type: Third Party Advisory, VDB Entry
26444

Source: CCN
Type: BID-26444
Apple Mac OS X v10.4.11 2007-008 Multiple Security Vulnerabilities

Source: CCN
Type: TLSA-2005-60
Two vulnerabilities discovered in bzip2

Source: CCN
Type: USN-127-1
bzip2 vulnerabilities

Source: CERT
Type: Third Party Advisory, US Government Resource
TA07-319A

Source: VUPEN
Type: Permissions Required
ADV-2007-3525

Source: VUPEN
Type: Permissions Required
ADV-2007-3868

Source: XF
Type: UNKNOWN
bzip2-decompression-dos(20754)

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:10700

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:749

Source: UBUNTU
Type: Third Party Advisory
USN-127-1

Source: SUSE
Type: SUSE-SR:2005:015
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:bzip:bzip2:*:*:*:*:*:*:*:* (Version < 1.0.3)

Configuration 2:
  • cpe:/o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*

Configuration 3:
  • cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*

Configuration 4:
  • cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* (Version < 10.4.11)

Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions:
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20051260 | V | CVE-2005-1260 | 2015-11-16
oval:org.mitre.oval:def:10700 | V | bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb"). | 2013-04-29
oval:com.redhat.rhsa:def:20050474 | P | RHSA-2005:474: bzip2 security update (Low) | 2008-03-20
oval:org.mitre.oval:def:749 | V | bzip2 Decompression Bomb | 2005-09-21
oval:org.debian:def:741 | V | infinite loop | 2005-07-07