CVE-2006-0967 - NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local us

CVE-2006-0967

Summary

NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to cause a denial of service (memory usage and cpu utilization) via a flood of arbitrary UDP datagrams to ports 0 to 65000. NOTE: this issue was reported as a buffer overflow, but that term usually does not apply in flooding attacks.

References

Vulnerable Configurations

cpe:2.3:a:ncp_network_communications:secure_client:8.11_build_146:*:*:*:*:*:*:*
cpe:2.3:a:ncp_network_communications:secure_client:8.11_build_146:*:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 18-10-2018 - 16:29)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	16906
bugtraq	20060301 NCP VPN/PKI Client - various Bugs
fulldisc	20060301 NCP VPN/PKI Client - various Bugs
secunia	19082
xf	ncp-udp-dos(25249)

Last major update

18-10-2018 - 16:29

Published

02-03-2006 - 23:02

Last modified

18-10-2018 - 16:29