ID CVE-2006-5466
Summary Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages.
Vulnerable Configurations
  • cpe:2.3:a:rpm:package_manager:4.4.8
  • cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts
  • cpe:2.3:o:ubuntu:ubuntu_linux:6.10:-:i386
CVSS
Base: 5.4 (as of 07-11-2006 - 14:11)
Impact:
Exploitability:
Access
  • Vector: NETWORK
  • Complexity: HIGH
  • Authentication: NONE
Impact
  • Confidentiality: NONE
  • Integrity: NONE
  • Availability: COMPLETE
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-200.NASL
    description A heap-based buffer overflow was discovered in librpm when the LANG or LC_ALL environment variable is set to ru_RU.UTF-8 (and possibly other locales), which could allow for user-assisted attackers to execute arbitrary code via crafted RPM packages. Updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 24585
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24585
    title Mandrake Linux Security Advisory : rpm (MDKSA-2006:200)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200611-08.NASL
    description The remote host is affected by the vulnerability described in GLSA-200611-08 (RPM: Buffer overflow) Vladimir Mosgalin has reported that when processing certain packages, RPM incorrectly allocates memory for the packages, possibly causing a heap-based buffer overflow. Impact : An attacker could entice a user to open a specially crafted RPM package and execute code with the privileges of that user if certain locales are set. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 23673
    published 2006-11-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23673
    title GLSA-200611-08 : RPM: Buffer overflow
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-378-1.NASL
    description An error was found in the RPM library's handling of query reports. In some locales, certain RPM packages would cause the library to crash. If a user was tricked into querying a specially crafted RPM package, the flaw could be exploited to execute arbitrary code with the user's privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 27960
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27960
    title Ubuntu 6.06 LTS / 6.10 : rpm vulnerability (USN-378-1)
refmap via4
bid 20906
gentoo GLSA-200611-08
mandriva MDKSA-2006:200
misc https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=212833
sectrack 1017160
secunia
  • 22740
  • 22745
  • 22768
  • 22854
ubuntu USN-378-1
vupen ADV-2006-4350
statements via4
contributor Joshua Bressers
lastmodified 2007-03-14
organization Red Hat
statement Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=213515 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/ Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 07-03-2011 - 21:43
Published 06-11-2006 - 12:07