CVE-2006-0474 - OpenCVE

Multiple integer overflows in Shareaza 2.2.1.0 allow remote attackers to execute arbitrary code via (1) a large packet length field, which causes an overflow in the ReadBuffer function in (a) BTPacket.cpp and (b) EDPacket.cpp, or (2) a large packet, which causes a heap-based overflow in the Write function in (c) Packet.h.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Shareaza	Shareaza

Configuration 1 [-]

cpe:2.3:a:shareaza:shareaza:2.2.1.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0887.html
http://cvs.sourceforge.net/viewcvs.py/shareaza/shareaza/BTPacket.cpp?r1=1.5&r2=1.5.4.1
http://cvs.sourceforge.net/viewcvs.py/shareaza/shareaza/EDPacket.cpp?r1=1.15&r2=1.15.2.1
http://securityreason.com/securityalert/382
http://www.hustlelabs.com/shareaza_advisory.pdf
http://www.securityfocus.com/archive/1/423293/100/0/threaded
http://www.securityfocus.com/bid/16399
https://exchange.xforce.ibmcloud.com/vulnerabilities/24342
https://exchange.xforce.ibmcloud.com/vulnerabilities/24343
https://exchange.xforce.ibmcloud.com/vulnerabilities/24344

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-01-31T11:00:00

Updated: 2024-08-07T16:34:14.835Z

Reserved: 2006-01-31T00:00:00

Link: CVE-2006-0474

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-01-31T11:03:00.000

Modified: 2018-10-19T15:45:00.833

Link: CVE-2006-0474

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-01-27T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple integer overflows in Shareaza 2.2.1.0 allow remote attackers to execute arbitrary code via (1) a large packet length field, which causes an overflow in the ReadBuffer function in (a) BTPacket.cpp and (b) EDPacket.cpp, or (2) a large packet, which causes a heap-based overflow in the Write function in (c) Packet.h."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://cvs.sourceforge.net/viewcvs.py/shareaza/shareaza/BTPacket.cpp?r1=1.5&r2=1.5.4.1"}, {"name": "16399", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/16399"}, {"name": "shareaza-cpacket-bo(24344)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24344"}, {"name": "382", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/382"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://cvs.sourceforge.net/viewcvs.py/shareaza/shareaza/EDPacket.cpp?r1=1.15&r2=1.15.2.1"}, {"tags": ["x_refsource_MISC"], "url": "http://www.hustlelabs.com/shareaza_advisory.pdf"}, {"name": "20060126 Shareaza Remote Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0887.html"}, {"name": "shareaza-btpacket-bo(24342)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24342"}, {"name": "20060127 Shareaza P2P Remote Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/423293/100/0/threaded"}, {"name": "shareaza-cedpacket-bo(24343)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24343"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-0474", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple integer overflows in Shareaza 2.2.1.0 allow remote attackers to execute arbitrary code via (1) a large packet length field, which causes an overflow in the ReadBuffer function in (a) BTPacket.cpp and (b) EDPacket.cpp, or (2) a large packet, which causes a heap-based overflow in the Write function in (c) Packet.h."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://cvs.sourceforge.net/viewcvs.py/shareaza/shareaza/BTPacket.cpp?r1=1.5&r2=1.5.4.1", "refsource": "CONFIRM", "url": "http://cvs.sourceforge.net/viewcvs.py/shareaza/shareaza/BTPacket.cpp?r1=1.5&r2=1.5.4.1"}, {"name": "16399", "refsource": "BID", "url": "http://www.securityfocus.com/bid/16399"}, {"name": "shareaza-cpacket-bo(24344)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24344"}, {"name": "382", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/382"}, {"name": "http://cvs.sourceforge.net/viewcvs.py/shareaza/shareaza/EDPacket.cpp?r1=1.15&r2=1.15.2.1", "refsource": "CONFIRM", "url": "http://cvs.sourceforge.net/viewcvs.py/shareaza/shareaza/EDPacket.cpp?r1=1.15&r2=1.15.2.1"}, {"name": "http://www.hustlelabs.com/shareaza_advisory.pdf", "refsource": "MISC", "url": "http://www.hustlelabs.com/shareaza_advisory.pdf"}, {"name": "20060126 Shareaza Remote Vulnerability", "refsource": "FULLDISC", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0887.html"}, {"name": "shareaza-btpacket-bo(24342)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24342"}, {"name": "20060127 Shareaza P2P Remote Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/423293/100/0/threaded"}, {"name": "shareaza-cedpacket-bo(24343)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24343"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:34:14.835Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://cvs.sourceforge.net/viewcvs.py/shareaza/shareaza/BTPacket.cpp?r1=1.5&r2=1.5.4.1"}, {"name": "16399", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/16399"}, {"name": "shareaza-cpacket-bo(24344)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24344"}, {"name": "382", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/382"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://cvs.sourceforge.net/viewcvs.py/shareaza/shareaza/EDPacket.cpp?r1=1.15&r2=1.15.2.1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.hustlelabs.com/shareaza_advisory.pdf"}, {"name": "20060126 Shareaza Remote Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0887.html"}, {"name": "shareaza-btpacket-bo(24342)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24342"}, {"name": "20060127 Shareaza P2P Remote Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/423293/100/0/threaded"}, {"name": "shareaza-cedpacket-bo(24343)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24343"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-0474", "datePublished": "2006-01-31T11:00:00", "dateReserved": "2006-01-31T00:00:00", "dateUpdated": "2024-08-07T16:34:14.835Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:shareaza:shareaza:2.2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B4830EB9-02BB-4F41-A7AC-76522E8B30EE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple integer overflows in Shareaza 2.2.1.0 allow remote attackers to execute arbitrary code via (1) a large packet length field, which causes an overflow in the ReadBuffer function in (a) BTPacket.cpp and (b) EDPacket.cpp, or (2) a large packet, which causes a heap-based overflow in the Write function in (c) Packet.h."}], "id": "CVE-2006-0474", "lastModified": "2018-10-19T15:45:00.833", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-01-31T11:03:00.000", "references": [{"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0887.html"}, {"source": "cve@mitre.org", "url": "http://cvs.sourceforge.net/viewcvs.py/shareaza/shareaza/BTPacket.cpp?r1=1.5&r2=1.5.4.1"}, {"source": "cve@mitre.org", "url": "http://cvs.sourceforge.net/viewcvs.py/shareaza/shareaza/EDPacket.cpp?r1=1.15&r2=1.15.2.1"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/382"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.hustlelabs.com/shareaza_advisory.pdf"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/423293/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/16399"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24342"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24343"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24344"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}