CVE-2006-0855
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2006-0855
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Stack-based buffer overflow in the fullpath function in misc.c for zoo 2.10 and earlier, as used in products such as Barracuda Spam Firewall, allows user-assisted attackers to execute arbitrary code via a crafted ZOO file that causes the combine function to return a longer string than expected.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
zoo misc.c缓冲区溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
zoo是用于维护文件集的文件压缩工具。 zoo在处理文件名时存在缓冲区溢出漏洞,攻击者可能利用此漏洞在机器上执行任意指令。 zoo中的fullpath()/misc.c接受指向目录项的指针并返回组合的目录名和文件名。fullpath()调用combine()/misc.c函数,并假设返回字符串长度不会大于256字节,但事实上该字符串可能大于512字节。 如果字符串事实上大于256字节的话,就会在fullpath()/misc.c函数中溢出静态变量,之后的strcpy()操作中会在栈上256字节的目标缓冲区
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2006-0855
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2006-0855
Please Login to view more intelligence information
- http://www.guay-leroux.com/projects/zoo-advisory.txtx_refsource_MISC
- http://www.guay-leroux.com/projects/barracuda-advisory-ZOO.txtx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2006-0855
Same Patch Batch · n/a · 2006-02-23 · 26 CVEs total
| CVE-2006-0868 | PEAR::Auth模块多个SQL注入漏洞 | |
| CVE-2006-0854 | Intensive Point iUser Ecommerce 'common.php'PHP远程文件包含漏洞 | |
| CVE-2006-0853 | True North Software IA EMailServer远程缓冲区溢出漏洞 | |
| CVE-2006-0852 | Admbook 'write.php'直接静态代码注入漏洞 | |
| CVE-2006-0851 | IlchClan forum模块SQL注入漏洞 | |
| CVE-2006-0850 | ilchClan include/includes/user/login.php SQL注入漏洞 | |
| CVE-2005-4727 | GBook跨站脚本攻击漏洞 | |
| CVE-2006-0812 | VisNetic AntiVirus本地提权漏洞 | |
| CVE-2006-0803 | SuSE YaST Online Update脚本签名验证绕过漏洞 | |
| CVE-2005-3525 | Macromedia Shockwave Player ActiveX控件溢出漏洞 | |
| CVE-2006-0720 | Nullsoft Winamp M3U文件处理静态缓冲区溢出漏洞 | |
| CVE-2006-0870 | MiniNuke CMS Pages.ASP SQL注入漏洞 | |
| CVE-2006-0869 | PHP Extension and Application Repository (PEAR) LiveUser 'liveuser.php'目录遍历漏洞 | |
| CVE-2006-0856 | Scriptme SmE GB Host Login.PHP SQL注入漏洞 | |
| CVE-2006-0867 | South River 缓冲区溢出漏洞 | |
| CVE-2006-0866 | PunBB 暴力密码猜测攻击漏洞 | |
| CVE-2006-0865 | PunBB 注册大量用户帐号拒绝服务漏洞 | |
| CVE-2006-0864 | ViRobot Linux服务器认证绕过漏洞 | |
| CVE-2006-0863 | InfoVista VistaPortal 敏感信息泄露漏洞 | |
| CVE-2006-0862 | InfoVista VistaPortal 未明漏洞 |
Showing top 20 of 26 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8261
Squirrel sqobject.cpp Load heap-based overflow - CVE-2026-8258
Squirrel sqstdstring.cpp validate_format stack-based overflo - CVE-2026-8252
Open5GS SMF smf_nsmf_handle_create_data_in_hsmf null pointer - CVE-2026-8251
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8250
Open5GS SMF n4-build.c smf_n4_build_qos_flow_to_modify_list
V. Comments for CVE-2006-0855
No comments yet