CVE-2006-5781 - Vulnerability Details - OpenCVE

Stack-based buffer overflow in the handshake function in iodine 0.3.2 allows remote attackers to execute arbitrary code via a crafted DNS response.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Iodine	Iodine

Configuration 1 [-]

cpe:2.3:a:iodine:iodine:0.3.2:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://code.kryo.se/iodine/CHANGELOG.txt
http://secunia.com/advisories/22674
http://securitytracker.com/id?1017155
http://www.osvdb.org/30182
http://www.securityfocus.com/archive/1/450399/100/0/threaded
http://www.securityfocus.com/bid/20883
http://www.vupen.com/english/advisories/2006/4333
https://exchange.xforce.ibmcloud.com/vulnerabilities/29995

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-11-07T20:00:00

Updated: 2024-08-07T20:04:55.573Z

Reserved: 2006-11-07T00:00:00

Link: CVE-2006-5781

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-11-07T20:07:00.000

Modified: 2024-11-21T00:20:31.397

Link: CVE-2006-5781

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-11-02T00:00:00", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the handshake function in iodine 0.3.2 allows remote attackers to execute arbitrary code via a crafted DNS response."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20061102 iodine client 0.3.2 buffer overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/450399/100/0/threaded"}, {"name": "20883", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20883"}, {"name": "30182", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/30182"}, {"name": "22674", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/22674"}, {"name": "ADV-2006-4333", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4333"}, {"name": "1017155", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017155"}, {"name": "iodine-handshake-bo(29995)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29995"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://code.kryo.se/iodine/CHANGELOG.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-5781", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in the handshake function in iodine 0.3.2 allows remote attackers to execute arbitrary code via a crafted DNS response."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20061102 iodine client 0.3.2 buffer overflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/450399/100/0/threaded"}, {"name": "20883", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20883"}, {"name": "30182", "refsource": "OSVDB", "url": "http://www.osvdb.org/30182"}, {"name": "22674", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22674"}, {"name": "ADV-2006-4333", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4333"}, {"name": "1017155", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017155"}, {"name": "iodine-handshake-bo(29995)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29995"}, {"name": "http://code.kryo.se/iodine/CHANGELOG.txt", "refsource": "CONFIRM", "url": "http://code.kryo.se/iodine/CHANGELOG.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:04:55.573Z"}, "title": "CVE Program Container", "references": [{"name": "20061102 iodine client 0.3.2 buffer overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/450399/100/0/threaded"}, {"name": "20883", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/20883"}, {"name": "30182", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/30182"}, {"name": "22674", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/22674"}, {"name": "ADV-2006-4333", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4333"}, {"name": "1017155", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017155"}, {"name": "iodine-handshake-bo(29995)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29995"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://code.kryo.se/iodine/CHANGELOG.txt"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-5781", "datePublished": "2006-11-07T20:00:00", "dateReserved": "2006-11-07T00:00:00", "dateUpdated": "2024-08-07T20:04:55.573Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:iodine:iodine:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "04999034-58F6-4148-A6D3-67E8F9B30194", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the handshake function in iodine 0.3.2 allows remote attackers to execute arbitrary code via a crafted DNS response."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en la pila en la funci\u00f3n handshake en iodine 0.3.2 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una respuesta DNS artesanal."}], "id": "CVE-2006-5781", "lastModified": "2024-11-21T00:20:31.397", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-11-07T20:07:00.000", "references": [{"source": "cve@mitre.org", "url": "http://code.kryo.se/iodine/CHANGELOG.txt"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/22674"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://securitytracker.com/id?1017155"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/30182"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/450399/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.securityfocus.com/bid/20883"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/4333"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29995"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://code.kryo.se/iodine/CHANGELOG.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/22674"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://securitytracker.com/id?1017155"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/30182"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/450399/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.securityfocus.com/bid/20883"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/4333"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29995"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}