| ID |
CVE-2006-5749
|
| Summary |
The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux 2.4 kernel before 2.4.34-rc4 does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:linux:linux_kernel:2.2.21:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.21:rc3:*:*:*:*:*:*
-
cpe:2.3:o:linux:linux_kernel:2.2.22:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.22:rc3:*:*:*:*:*:*
-
cpe:2.3:o:linux:linux_kernel:2.2.24:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.24:rc3:*:*:*:*:*:*
-
cpe:2.3:o:linux:linux_kernel:2.4.30:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.30:rc3:*:*:*:*:*:*
-
cpe:2.3:o:linux:linux_kernel:2.4.34:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.34:rc3:*:*:*:*:*:*
|
| CVSS |
| Base: | 1.7 (as of 13-02-2023 - 02:16) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
LOW |
SINGLE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
PARTIAL |
|
| cvss-vector
via4
|
AV:L/AC:L/Au:S/C:N/I:N/A:P
|
| refmap
via4
|
| bid | | | bugtraq | 20070615 rPSA-2007-0124-1 kernel xen | | confirm | | | mandriva | - MDKSA-2007:012
- MDKSA-2007:025
- MDKSA-2007:040
| | secunia | - 23529
- 23609
- 23752
- 24098
- 24100
- 24547
- 25226
- 25683
- 25691
| | suse | - SUSE-SA:2007:018
- SUSE-SA:2007:021
- SUSE-SA:2007:030
- SUSE-SA:2007:035
| | trustix | 2007-0002 | | ubuntu | USN-416-1 |
|
| statements
via4
|
| contributor | Mark J Cox | | lastmodified | 2007-03-14 | | organization | Red Hat | | statement | Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch. |
|
| Last major update |
13-02-2023 - 02:16 |
| Published |
31-12-2006 - 05:00 |
| Last modified |
13-02-2023 - 02:16 |
