ID CVE-2006-5749
Summary The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux 2.4 kernel before 2.4.34-rc4 does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:2.2.21:rc3:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.2.21:rc3:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.2.22:rc3:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.2.22:rc3:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.2.24:rc3:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.2.24:rc3:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.4.30:rc3:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.4.30:rc3:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.4.34:rc3:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.4.34:rc3:*:*:*:*:*:*
CVSS
Base: 1.7 (as of 15-09-2010 - 05:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:L/AC:L/Au:S/C:N/I:N/A:P
refmap via4
bid
  • 21835
  • 21883
bugtraq 20070615 rPSA-2007-0124-1 kernel xen
confirm
mandriva
  • MDKSA-2007:012
  • MDKSA-2007:025
  • MDKSA-2007:040
secunia
  • 23529
  • 23609
  • 23752
  • 24098
  • 24100
  • 24547
  • 25226
  • 25683
  • 25691
suse
  • SUSE-SA:2007:018
  • SUSE-SA:2007:021
  • SUSE-SA:2007:030
  • SUSE-SA:2007:035
trustix 2007-0002
ubuntu USN-416-1
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 15-09-2010 - 05:30
Published 31-12-2006 - 05:00
Last modified 15-09-2010 - 05:30
Back to Top