Vulnerability Name:

CVE-2006-1168 (CCN-28315)

Assigned:2006-08-08
Published:2006-08-08
Updated:2017-10-11
Summary:The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.1 Medium (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: SGI
Type: UNKNOWN
20060901-01-P

Source: MISC
Type: UNKNOWN
http://bugs.gentoo.org/show_bug.cgi?id=141728

Source: MITRE
Type: CNA
CVE-2006-1168

Source: CONFIRM
Type: UNKNOWN
http://downloads.avaya.com/css/P8/documents/100158840

Source: CCN
Type: RHSA-2006-0663
ncompress security update

Source: CCN
Type: RHSA-2012-0308
Low: busybox security and bug fix update

Source: CCN
Type: RHSA-2012-0810
Low: busybox security and bug fix update

Source: REDHAT
Type: UNKNOWN
RHSA-2012:0810

Source: CCN
Type: ncompress Web site
ncompress 4.2.4-31 RPM for i386

Source: CCN
Type: SA21427
ncompress "decompress()" Buffer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
21427

Source: SECUNIA
Type: Patch, Vendor Advisory
21434

Source: SECUNIA
Type: Patch, Vendor Advisory
21437

Source: SECUNIA
Type: UNKNOWN
21467

Source: SECUNIA
Type: UNKNOWN
21880

Source: SECUNIA
Type: UNKNOWN
22036

Source: SECUNIA
Type: UNKNOWN
22296

Source: CCN
Type: SA22377
Avaya Products ncompress Buffer Overflow Vulnerability

Source: SECUNIA
Type: UNKNOWN
22377

Source: GENTOO
Type: UNKNOWN
GLSA-200610-03

Source: CCN
Type: SECTRACK ID: 1016836
ncompress Buffer Overflow in decompress() Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1016836

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2006-226.htm

Source: CCN
Type: ASA-2006-226
ncompress security update (RHSA-2006-0663)

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-1149

Source: DEBIAN
Type: DSA-1149
ncompress -- buffer underflow

Source: CCN
Type: GLSA-200610-03
ncompress: Buffer Underflow

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:140

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2012:129

Source: SUSE
Type: UNKNOWN
SUSE-SR:2006:020

Source: REDHAT
Type: UNKNOWN
RHSA-2006:0663

Source: BID
Type: UNKNOWN
19455

Source: CCN
Type: BID-19455
NCompress Decompress Buffer Underflow Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2006-3234

Source: MISC
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=728536

Source: XF
Type: UNKNOWN
ncompress-decompress-underflow(28315)

Source: XF
Type: UNKNOWN
ncompress-decompress-underflow(28315)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9373

Source: SUSE
Type: SUSE-SR:2006:020
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:ncompress:ncompress:4.2.4:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 10:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

    • Configuration RedHat 11:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

    • Configuration RedHat 12:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration RedHat 13:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20061168
    V
    		CVE-2006-1168
    2022-06-30
    oval:org.opensuse.security:def:113019
    P
    		ncompress-4.2.4.4-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:106464
    P
    		Security update for clamav (Moderate)
    2021-12-06
    oval:org.mitre.oval:def:22866
    P
    		ELSA-2012:0308: busybox security and bug fix update (Low)
    2014-05-26
    oval:org.mitre.oval:def:23400
    P
    		ELSA-2012:0810: busybox security and bug fix update (Low)
    2014-05-26
    oval:org.mitre.oval:def:20788
    P
    		RHSA-2012:0308: busybox security and bug fix update (Low)
    2014-02-24
    oval:org.mitre.oval:def:21495
    P
    		RHSA-2012:0810: busybox security and bug fix update (Low)
    2014-02-24
    oval:org.mitre.oval:def:9373
    V
    		The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow.
    2013-04-29
    oval:com.redhat.rhsa:def:20120810
    P
    		RHSA-2012:0810: busybox security and bug fix update (Low)
    2012-06-20
    oval:com.redhat.rhsa:def:20120308
    P
    		RHSA-2012:0308: busybox security and bug fix update (Low)
    2012-02-21
    oval:com.redhat.rhsa:def:20060663
    P
    		RHSA-2006:0663: ncompress security update (Low)
    2008-03-20
    oval:org.debian:def:1149
    V
    		buffer underflow
    2006-08-10
    BACK
    ncompress ncompress 4.2.4