Vulnerabilities > CVE-2006-3145 - Unspecified vulnerability in Netpbm
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN netpbm
nessus
Summary
Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code when assembling the header, possibly related to an off-by-one error.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Nessus
| NASL family | Mandriva Local Security Checks |
| NASL id | MANDRAKE_MDKA-2006-026.NASL |
| description | The pnmtopalm program, part of netpbm, crashes on many images. (#21020) The pnmtofits program, part of netpbm, crashes during conversion. (#21444) Updated packages have been patched to correct these issues. |
| last seen | 2017-10-29 |
| modified | 2012-09-07 |
| plugin id | 24508 |
| published | 2007-02-18 |
| reporter | Tenable |
| source | https://www.tenable.com/plugins/index.php?view=single&id=24508 |
| title | MDKA-2006:026 : netpbm |
Statements
| contributor | Mark J Cox |
| lastmodified | 2006-08-30 |
| organization | Red Hat |
| statement | This issue did not affect the versions of NetPBM distributed with Red Hat Enterprise Linux 2.1, 3, or 4. |
References
- http://secunia.com/advisories/20729
- http://secunia.com/advisories/20729
- http://secunia.com/advisories/20775
- http://secunia.com/advisories/20775
- http://sourceforge.net/project/shownotes.php?release_id=425770
- http://sourceforge.net/project/shownotes.php?release_id=425770
- http://www.securityfocus.com/bid/18525
- http://www.securityfocus.com/bid/18525
- http://www.trustix.org/errata/2006/0037
- http://www.trustix.org/errata/2006/0037
- http://www.vupen.com/english/advisories/2006/2449
- http://www.vupen.com/english/advisories/2006/2449
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27244
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27244