CVE-2006-2555 Information

Description

The parse_command function in Genecys 0.2 and earlier allows remote attackers to cause a denial of service (crash) via a command with a missing :\ (colon) separator which triggers a null dereference.

Reference

http://aluigi.altervista.org/adv/genecysbof-adv.txt http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046015.html http://secunia.com/advisories/20099 http://securityreason.com/securityalert/944 http://www.osvdb.org/25482 http://www.securityfocus.com/archive/1/433929/30/5010/threaded http://www.securityfocus.com/bid/17969 http://www.vupen.com/english/advisories/2006/1815 https://exchange.xforce.ibmcloud.com/vulnerabilities/26523