1. CVE-Search
  2. CVE-2006-4304
ID CVE-2006-4304
Summary Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver.
References
Vulnerable Configurations
  • cpe:2.3:o:freebsd:freebsd:4.11:*:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:4.11:*:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:5.4:*:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:5.4:*:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:5.5:*:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:5.5:*:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:6.1:*:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:6.1:*:*:*:*:*:*:*
  • cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*
    cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*
    cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*
    cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*
  • cpe:2.3:o:openbsd:openbsd:3.8:*:*:*:*:*:*:*
    cpe:2.3:o:openbsd:openbsd:3.8:*:*:*:*:*:*:*
  • cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*
    cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 20-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 19684
freebsd FreeBSD-SA-06:08
misc http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch
netbsd NetBSD-SA2006-019
openbsd
  • [3.8] 20060902 014: SECURITY FIX: September 2, 2006
  • [3.9] 20060902 009: SECURITY FIX: September 2, 2006
sectrack 1016745
secunia
  • 21587
  • 21731
xf sppp4-lcp-bo(28562)
Last major update 20-07-2017 - 01:32
Published 24-08-2006 - 01:04
Last modified 20-07-2017 - 01:32
Back to Top