CVE-2005-4268

Published: 15/12/2005 Updated: 03/10/2018
CVSS v2 Base Score: 3.7 | Impact Score: 6.4 | Exploitability Score: 1.9
VMScore: 329
Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Summary

Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits.

Vulnerable Product

gnu cpio 2.6-8

Vendor Advisories

Synopsis: Moderate: cpio security update. Type/Severity: Security Advisory: Moderate. Topic: An updated cpio package that fixes two security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Descripti ...
Debian Bug report logs - #344134: CVE-2005-4268: Buffer overflow on 64 bit archs. Package: cpio; Maintainer for cpio is Anibal Monsalve Salazar <anibal@debian.org>; Source for cpio is src:cpio. Reported by: Moritz Muehlenhoff <jmm@inutil.org>. Date: Tue, 20 Dec 2005 10:03:04 UTC. Severity: important ...
Richard Harms discovered that cpio did not sufficiently validate file properties when creating archives. Files with e.g. a very large size caused a buffer overflow. By tricking a user or an automatic backup system into putting a specially crafted file into a cpio archive, a local attacker could probably exploit this to execute arbitrary code with ...