FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-4268

This CVE name corresponds to:

Entered     Topic
2006-01-27  cpio -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type   Candidate
Name   CVE-2005-4268
Phase  Assigned (20051215)

Description

Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits.

References

Source    Reference
CONFIRM   https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172669
CONFIRM   https://issues.rpath.com/browse/RPL-1338
FREEBSD   FreeBSD-SA-06:03
MANDRIVA  MDKSA-2005:237
REDHAT    RHSA-2007:0245
REDHAT    RHSA-2010:0145
SUSE      SUSE-SR:2006:010
UBUNTU    USN-234-1
BID       16057
OSVDB     22194
OVAL      oval:org.mitre.oval:def:10450
OVAL      oval:org.mitre.oval:def:6860
SECUNIA   18251
SECUNIA   18278
SECUNIA   18280
SECUNIA   18395
SECUNIA   20117
SECUNIA   25098
SECUNIA   25161
XF        cpio-file-size-bo(23855)