Vulnerabilities > CVE-2007-1669 - Remote Denial of Service vulnerability in Multiple Vendors Zoo Compression Algorithm
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
Vulnerable Configurations
References
- http://secunia.com/advisories/25122
- http://secunia.com/advisories/25315
- http://securityreason.com/securityalert/2680
- http://www.amavis.org/security/asa-2007-2.txt
- http://www.attrition.org/pipermail/vim/2007-July/001725.html
- http://www.osvdb.org/35795
- http://www.securityfocus.com/archive/1/467646/100/0/threaded
- http://www.securityfocus.com/bid/23823
- http://www.vupen.com/english/advisories/2007/1699
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34080