{"vuid":"VU#176363","idnumber":"176363","name":"ncompress vulnerable to buffer overflow via long filename","keywords":["ncompress","buffer overflow","long filename","1023 characters"],"overview":"Some versions of ncompress contain a buffer-overflow vulnerability.","clean_desc":"Versions 4.2.4 and earlier of ncompress do not properly handle filenames longer than 1023 characters.","impact":"By supplying long filenames to ncompress, an attacker may be able to gain local access to the server or force ncompress to execute arbitrary code.","resolution":"Obtain a patch from your vendor.","workarounds":"Remove ncompress or remove execute permissions.","sysaffected":"","thanks":"Thanks to Pavel Kankovsky for reporting this vulnerability.","author":"This document was written by Shawn Van Ittersum.","public":["h","t","t","p",":","/","/","s","e","c","u","r","i","t","y","-","a","r","c","h","i","v","e",".","m","e","r","t","o","n",".","o","x",".","a","c",".","u","k","/","s","e","c","u","r","i","t","y","-","a","u","d","i","t","-","2","0","0","1","0","6","/","0","0","0","8",".","h","t","m","l"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-01-28T23:31:41Z","publicdate":"2001-11-20T00:00:00Z","datefirstpublished":"2002-08-01T00:04:33Z","dateupdated":"2002-08-10T19:45:21Z","revision":11,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"8","cam_exploitation":"0","cam_internetinfrastructure":"8","cam_population":"8","cam_impact":"4","cam_easeofexploitation":"8","cam_attackeraccessrequired":"12","cam_scorecurrent":"0.9216","cam_scorecurrentwidelyknown":"1.6128","cam_scorecurrentwidelyknownexploited":"2.7648","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":0.9216,"vulnote":null}