CVE-2006-0224

Description

Buffer overflow in Library of Assorted Spiffy Things (LibAST) 0.6.1 and earlier, as used in Eterm and possibly other software, allows local users to execute arbitrary code as the utmp user via a long -X command line argument (alternative configuration file name).

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/24303

http://www.vupen.com/english/advisories/2006/0314

http://www.securityfocus.com/archive/1/423366/100/0/threaded

http://www.securityfocus.com/archive/1/423207/100/0/threaded

http://www.securityfocus.com/archive/1/423088/100/0/threaded

http://www.rosiello.org/en/read_bugs.php?id=25

http://www.osvdb.org/22735

http://www.mandriva.com/security/advisories?name=MDKSA-2006:029

http://www.gentoo.org/security/en/glsa/glsa-200601-14.xml

http://www.debian.org/security/2006/dsa-976

http://securityreason.com/securityalert/373

http://secunia.com/advisories/18916

http://secunia.com/advisories/18632

http://secunia.com/advisories/18586

http://freshmeat.net/projects/libast/?branch_id=17907&release_id=217840

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3