Vulnerability Name: | CVE-2006-1827 (CCN-25999) |
Assigned: | 2006-04-07 |
Published: | 2006-04-07 |
Updated: | 2011-03-08 |
Summary: | Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length.
|
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): None Integrity (I): Low Availibility (A): None |
|
CVSS v2 Severity: | 6.4 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): None Integrity (I): Partial Availibility (A): Partial | 5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
| Impact Metrics: | Confidentiality (C): None Integrity (I): Partial Availibility (A): None |
|
Vulnerability Type: | CWE-Other
|
Vulnerability Consequences: | Denial of Service |
References: | Source: MITRE Type: CNA CVE-2006-1827
Source: CONFIRM Type: Patch http://ftp.digium.com/pub/asterisk/releases/asterisk-1.2.7-patch.gz
Source: CCN Type: SA19800 Asterisk JPEG Image Handling Buffer Overflow Vulnerability
Source: SECUNIA Type: UNKNOWN 19800
Source: SECUNIA Type: UNKNOWN 19872
Source: SECUNIA Type: UNKNOWN 19897
Source: CCN Type: Asterisk Web site Asterisk 1.2.7.1 Released
Source: CCN Type: Cipher.org Web site Asterisk (The Open Source PBX) version <= 1.2.6 JPEG Reader (IOF)
Source: MISC Type: Exploit, Patch http://www.cipher.org.uk/index.php?p=advisories/Asterisk_Codec_Integer_Overflow_07-04-2006.advisory
Source: DEBIAN Type: UNKNOWN DSA-1048
Source: DEBIAN Type: DSA-1048 asterisk -- several vulnerabilities
Source: SUSE Type: UNKNOWN SUSE-SR:2006:009
Source: CCN Type: OSVDB ID: 24893 Asterisk JPEG Image Processing Overflow
Source: BID Type: UNKNOWN 17561
Source: CCN Type: BID-17561 Asterisk JPEG File Handling Integer Overflow Vulnerability
Source: VUPEN Type: UNKNOWN ADV-2006-1478
Source: XF Type: UNKNOWN asterisk-formatjpeg-bo(25999)
Source: SUSE Type: SUSE-SR:2006:009 SUSE Security Summary Report
|
Vulnerable Configuration: | Configuration 1: cpe:/a:digium:asterisk:0.1.0:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.1.1:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.1.2:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.1.3:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.1.4:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.1.5:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.1.6:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.1.7:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.1.8:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.1.9:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.1.9.1:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.1.10:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.1.11:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.1.12:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.2:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.2.0:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.3:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.3.0:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.4:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.4.0:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.5.0:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.7.0:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.7.1:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:0.7.2:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:1.0.0:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:1.0.1:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:1.0.2:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:1.0.3:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:1.0.4:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:1.0.5:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:1.0.6:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:1.0.7:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:1.0.8:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:1.0.9:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:1.0_rc1:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:1.0_rc2:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:1.2.0_beta1:*:*:*:*:*:*:*OR cpe:/a:digium:asterisk:*:*:*:*:*:*:*:* (Version <= 1.2.6)
Denotes that component is vulnerable |
Oval Definitions |
|
BACK |