ID |
CVE-2006-4126
|
Summary |
The dc_chat function in cmd.dc.c in DConnect Daemon 0.7.0 and earlier allows remote attackers to cause a denial of service (application crash) by sending a client message before providing the nickname, which triggers a null pointer dereference. This vulnerability is addressed in the following product release:
DConnect, DConnect Daemon, 0.7.1 |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:dconnect:dconnect_daemon:0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:dconnect:dconnect_daemon:0.0.2:*:*:*:*:*:*:*
-
cpe:2.3:a:dconnect:dconnect_daemon:0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:dconnect:dconnect_daemon:0.0.3:*:*:*:*:*:*:*
-
cpe:2.3:a:dconnect:dconnect_daemon:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:dconnect:dconnect_daemon:0.7.0:*:*:*:*:*:*:*
|
CVSS |
Base: | 5.0 (as of 17-10-2018 - 21:33) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
refmap
via4
|
bid | 19370 | bugtraq | 20060806 Multiple vulnerabilities in DConnect Daemon 0.7.0 (CVS 30 Jul 2006) | confirm | | sectrack | 1016641 | secunia | 21384 | sreason | 1377 | vupen | ADV-2006-3181 | xf | dconnect-daemon-dcchat-dos(28279) |
|
Last major update |
17-10-2018 - 21:33 |
Published |
14-08-2006 - 23:04 |
Last modified |
17-10-2018 - 21:33 |