Vulnerabilities > CVE-2006-4438 - Buffer-Overflow vulnerability in Dr. Web Anti-Virus LHA Archive Heap

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
doctor-web-ltd
exploit available
NVD
Published: 2006-09-20
Updated: 2011-03-08

Summary

Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header that contains a long directory name.

Vulnerable Configurations

Part Description Count
Application
Doctor_Web_Ltd
1

Exploit-Db

descriptionDr.Web Antivirus 4.33 (LHA long directory name) Local Overflow Exploit. CVE-2006-4438. Local exploit for linux platform
idEDB-ID:2404
last seen2016-01-31
modified2006-09-20
published2006-09-20
reporterGuay-Leroux
sourcehttps://www.exploit-db.com/download/2404/
titleDr.Web Antivirus 4.33 LHA long directory name Local Overflow Exploit

References