CVE-2006-5749

Sažetak

The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux 2.4 kernel before 2.4.34-rc4 does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash.

Reference

http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.34
http://secunia.com/advisories/23529
http://www.trustix.org/errata/2007/0002/
http://www.securityfocus.com/bid/21835
http://secunia.com/advisories/23609
http://www.novell.com/linux/security/advisories/2007_18_kernel.html
http://www.novell.com/linux/security/advisories/2007_21_kernel.html
http://www.ubuntu.com/usn/usn-416-1
http://www.securityfocus.com/bid/21883
http://secunia.com/advisories/23752
http://secunia.com/advisories/24100
http://secunia.com/advisories/24098
http://secunia.com/advisories/24547
http://www.novell.com/linux/security/advisories/2007_30_kernel.html
http://www.securityfocus.com/archive/1/471457
http://www.mandriva.com/security/advisories?name=MDKSA-2007:012
http://www.mandriva.com/security/advisories?name=MDKSA-2007:025
http://www.mandriva.com/security/advisories?name=MDKSA-2007:040
http://www.novell.com/linux/security/advisories/2007_35_kernel.html
http://secunia.com/advisories/25683
http://secunia.com/advisories/25691
http://secunia.com/advisories/25226
http://www.kernel.org/git/?p=linux/kernel/git/wtarreau/linux-2.4.git%3Ba=commitdiff%3Bh=05dca9b77f99d80cf615075624666106d5b61727

CVSS

Base:	1.7
Impact:	2.9
Exploitability:	3.1

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:L/AC:L/Au:S/C:N/I:N/A:P

Zadnje važnije ažuriranje

13-02-2023 - 02:16

Objavljeno

31-12-2006 - 05:00