CVE-2006-0454

{"id": "CVE-2006-0454", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-02-07T18:06:00.000", "references": [{"url": "http://lists.immunitysec.com/pipermail/dailydave/2006-February/002909.html", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=linux-kernel&m=113927617401569&w=2", "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=linux-kernel&m=113927648820694&w=2", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/18766", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/18774", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/18784", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/18788", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/18861", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15.3", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:040", "source": "secalert@redhat.com"}, {"url": "http://www.novell.com/linux/security/advisories/2006_06_kernel.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00037.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/427981/100/0/threaded", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/16532", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://www.trustix.org/errata/2006/0006", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-250-1", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2006/0464", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24575", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-399"}]}], "descriptions": [{"lang": "en", "value": "Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does not properly handle when the ip_options_echo function in icmp.c fails, which allows remote attackers to cause a denial of service (crash) via vectors such as (1) record-route and (2) timestamp IP options with the needaddr bit set and a truncated value."}, {"lang": "es", "value": "El kernel de Linux en versiones anteriores a 2.6.15.3 hasta la versi\u00f3n 2.6.12, mientras construye una respuesta ICMP en icmp_send, no maneja adecuadamente cuando la funci\u00f3n ip_options_echo en icmp.c falla, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de vectores, tales como (1) record-route y (2) opciones timestamp IP opciones con el conjunto de bit needaddr y un valor truncado."}], "lastModified": "2018-10-19T15:44:52.223", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F43EBCB4-FCF4-479A-A44D-D913F7F09C77"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "169446DE-67F8-4738-91FE-ED8058118F80"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F76C298-81DC-43E4-8FC9-DC005A2116EF"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AB349B2-3F78-4197-882B-90ADB3BF645A"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AC88830-A9BC-4607-B572-A4B502FC9FD0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "476CB3A5-D022-4F13-AAEF-CB6A5785516A"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CFD5CDD-1709-44C7-82BD-BAFDC46990D6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C7BF3B2-CCD1-4D39-AE9C-AB24ABA57447"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "860F9225-8A3F-492C-B72B-5EFFB322802C"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19DFB4EF-EA1F-4680-9D97-2FDFAA4B4A25"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57E23724-2CA4-4211-BB83-38661BE7E6AF"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0688B3F-F8F2-4C62-B7A3-08F9FDCE7A70"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3896C4A6-C2F6-47CE-818A-7EB3DBF15BC3"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6143DC1F-D62E-4DB2-AF43-30A07413D68B"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93F0834D-C5EA-4C96-8D6C-3123ECF78F8C"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1784CBC-BEAF-48E5-95A4-2A4BD5F9F1BC"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31523E67-5E4F-43F7-9410-20CB3F287DAF"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D9F976B-1328-40FE-A1F2-C1DF3F836604"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B627DE3-2702-4EB2-9733-253D315FB594"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10E1B011-8D20-448E-9DD5-023DD30D1FE1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A29A4BC-0442-458E-A874-BF0D0F2870FC"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "298266AB-2A36-4606-BF80-2185FC56C4D2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C2658CA-56C2-494F-AC42-618EC413CBDF"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD34526D-F2CC-44C5-991D-B1E41C327860"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2F0B900-34E9-4545-B7AE-AF0A4363EACE"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B36F432D-FED1-4B8D-A458-BEDEEF306AB1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5220F0FE-C4CC-4E75-A16A-4ADCABA7E8B8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04F25DE0-CA8E-4F57-87A5-C30D89CC9E44"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F87F764B-4097-44FA-B96E-A5DA75E31F7B"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7025803-C679-44DB-ADEE-864E6CAAD9B5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24B879D6-4631-49A8-9366-75577DFB755D"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5B76C21-70C8-4911-A24B-270F876EF7C0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25379B32-D898-4E44-A740-978A129B5E05"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B90F8F2-9549-413D-9676-3EF634D832B5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "915E64EF-6EEC-4DE2-A285-5F3FCE389645"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "585BEE46-088A-494E-8E18-03F33F6BBEA5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFF35478-B292-4A00-B985-CEEDE8B212C3"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E85846A-61BE-4896-B4A6-42A7E1DBA515"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6E3B925-031D-4F6D-915A-A16F0FFA878C"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7344B707-6145-48BA-8BC9-9B140A260BCF"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BFCEA98-C708-4E1E-B189-E6F96D28F07A"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B753112-CCDE-4870-AA97-4AAA2946421A"}], "operator": "OR"}]}], "vendorComments": [{"comment": "Not vulnerable. This vulnerability was introduced into the Linux kernel in version 2.6.12 and therefore does not affect users of Red Hat Enterprise Linux 2.1, 3, or 4.", "lastModified": "2006-09-17T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "secalert@redhat.com"}