CVE-2006-1343

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2006-1343
net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portions of potentially sensitive memory.

2.1 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://marc.info/?l=linux-netdev&m=114148078223594&w=2
http://secunia.com/advisories/19357
http://secunia.com/advisories/19955
http://secunia.com/advisories/20671
http://secunia.com/advisories/21045
http://secunia.com/advisories/21136
http://secunia.com/advisories/21465
http://secunia.com/advisories/21983
http://secunia.com/advisories/22093
http://secunia.com/advisories/22417
http://secunia.com/advisories/22875
http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
http://www.debian.org/security/2006/dsa-1097
http://www.debian.org/security/2006/dsa-1184
http://www.mandriva.com/security/advisories?name=MDKSA-2006:123
http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
http://www.osvdb.org/29841
http://www.redhat.com/support/errata/RHSA-2006-0437.html
http://www.redhat.com/support/errata/RHSA-2006-0575.html
http://www.redhat.com/support/errata/RHSA-2006-0579.html
http://www.redhat.com/support/errata/RHSA-2006-0580.html
http://www.securityfocus.com/archive/1/435490/100/0/threaded
http://www.securityfocus.com/archive/1/451404/100/0/threaded
http://www.securityfocus.com/archive/1/451417/100/200/threaded
http://www.securityfocus.com/archive/1/451419/100/200/threaded
http://www.securityfocus.com/archive/1/451426/100/200/threaded
http://www.securityfocus.com/bid/17203
http://www.trustix.org/errata/2006/0032/
http://www.vmware.com/download/esx/esx-202-200610-patch.html
http://www.vmware.com/download/esx/esx-213-200610-patch.html
http://www.vmware.com/download/esx/esx-254-200610-patch.html
http://www.vupen.com/english/advisories/2006/2071
http://www.vupen.com/english/advisories/2006/4502
https://exchange.xforce.ibmcloud.com/vulnerabilities/25425
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10875
https://usn.ubuntu.com/281-1/
http://marc.info/?l=linux-netdev&m=114148078223594&w=2
http://secunia.com/advisories/19357
http://secunia.com/advisories/19955
http://secunia.com/advisories/20671
http://secunia.com/advisories/21045
http://secunia.com/advisories/21136
http://secunia.com/advisories/21465
http://secunia.com/advisories/21983
http://secunia.com/advisories/22093
http://secunia.com/advisories/22417
http://secunia.com/advisories/22875
http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
http://www.debian.org/security/2006/dsa-1097
http://www.debian.org/security/2006/dsa-1184
http://www.mandriva.com/security/advisories?name=MDKSA-2006:123
http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
http://www.osvdb.org/29841
http://www.redhat.com/support/errata/RHSA-2006-0437.html
http://www.redhat.com/support/errata/RHSA-2006-0575.html
http://www.redhat.com/support/errata/RHSA-2006-0579.html
http://www.redhat.com/support/errata/RHSA-2006-0580.html
http://www.securityfocus.com/archive/1/435490/100/0/threaded
http://www.securityfocus.com/archive/1/451404/100/0/threaded
http://www.securityfocus.com/archive/1/451417/100/200/threaded
http://www.securityfocus.com/archive/1/451419/100/200/threaded
http://www.securityfocus.com/archive/1/451426/100/200/threaded
http://www.securityfocus.com/bid/17203
http://www.trustix.org/errata/2006/0032/
http://www.vmware.com/download/esx/esx-202-200610-patch.html
http://www.vmware.com/download/esx/esx-213-200610-patch.html
http://www.vmware.com/download/esx/esx-254-200610-patch.html
http://www.vupen.com/english/advisories/2006/2071
http://www.vupen.com/english/advisories/2006/4502
https://exchange.xforce.ibmcloud.com/vulnerabilities/25425
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10875
https://usn.ubuntu.com/281-1/
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
History

21 Nov 2024, 00:08

Type Values Removed Values Added
References () http://marc.info/?l=linux-netdev&m=114148078223594&w=2 - () http://marc.info/?l=linux-netdev&m=114148078223594&w=2 -
References () http://secunia.com/advisories/19357 - () http://secunia.com/advisories/19357 -
References () http://secunia.com/advisories/19955 - () http://secunia.com/advisories/19955 -
References () http://secunia.com/advisories/20671 - () http://secunia.com/advisories/20671 -
References () http://secunia.com/advisories/21045 - () http://secunia.com/advisories/21045 -
References () http://secunia.com/advisories/21136 - () http://secunia.com/advisories/21136 -
References () http://secunia.com/advisories/21465 - () http://secunia.com/advisories/21465 -
References () http://secunia.com/advisories/21983 - () http://secunia.com/advisories/21983 -
References () http://secunia.com/advisories/22093 - () http://secunia.com/advisories/22093 -
References () http://secunia.com/advisories/22417 - () http://secunia.com/advisories/22417 -
References () http://secunia.com/advisories/22875 - () http://secunia.com/advisories/22875 -
References () http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm - () http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm -
References () http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm - () http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm -
References () http://www.debian.org/security/2006/dsa-1097 - () http://www.debian.org/security/2006/dsa-1097 -
References () http://www.debian.org/security/2006/dsa-1184 - () http://www.debian.org/security/2006/dsa-1184 -
References () http://www.mandriva.com/security/advisories?name=MDKSA-2006:123 - () http://www.mandriva.com/security/advisories?name=MDKSA-2006:123 -
References () http://www.mandriva.com/security/advisories?name=MDKSA-2006:150 - () http://www.mandriva.com/security/advisories?name=MDKSA-2006:150 -
References () http://www.osvdb.org/29841 - () http://www.osvdb.org/29841 -
References () http://www.redhat.com/support/errata/RHSA-2006-0437.html - () http://www.redhat.com/support/errata/RHSA-2006-0437.html -
References () http://www.redhat.com/support/errata/RHSA-2006-0575.html - () http://www.redhat.com/support/errata/RHSA-2006-0575.html -
References () http://www.redhat.com/support/errata/RHSA-2006-0579.html - () http://www.redhat.com/support/errata/RHSA-2006-0579.html -
References () http://www.redhat.com/support/errata/RHSA-2006-0580.html - () http://www.redhat.com/support/errata/RHSA-2006-0580.html -
References () http://www.securityfocus.com/archive/1/435490/100/0/threaded - () http://www.securityfocus.com/archive/1/435490/100/0/threaded -
References () http://www.securityfocus.com/archive/1/451404/100/0/threaded - () http://www.securityfocus.com/archive/1/451404/100/0/threaded -
References () http://www.securityfocus.com/archive/1/451417/100/200/threaded - () http://www.securityfocus.com/archive/1/451417/100/200/threaded -
References () http://www.securityfocus.com/archive/1/451419/100/200/threaded - () http://www.securityfocus.com/archive/1/451419/100/200/threaded -
References () http://www.securityfocus.com/archive/1/451426/100/200/threaded - () http://www.securityfocus.com/archive/1/451426/100/200/threaded -
References () http://www.securityfocus.com/bid/17203 - () http://www.securityfocus.com/bid/17203 -
References () http://www.trustix.org/errata/2006/0032/ - () http://www.trustix.org/errata/2006/0032/ -
References () http://www.vmware.com/download/esx/esx-202-200610-patch.html - () http://www.vmware.com/download/esx/esx-202-200610-patch.html -
References () http://www.vmware.com/download/esx/esx-213-200610-patch.html - () http://www.vmware.com/download/esx/esx-213-200610-patch.html -
References () http://www.vmware.com/download/esx/esx-254-200610-patch.html - () http://www.vmware.com/download/esx/esx-254-200610-patch.html -
References () http://www.vupen.com/english/advisories/2006/2071 - () http://www.vupen.com/english/advisories/2006/2071 -
References () http://www.vupen.com/english/advisories/2006/4502 - () http://www.vupen.com/english/advisories/2006/4502 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/25425 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/25425 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10875 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10875 -
References () https://usn.ubuntu.com/281-1/ - () https://usn.ubuntu.com/281-1/ -

07 Nov 2023, 01:58

Type Values Removed Values Added
References (SECUNIA) http://secunia.com/advisories/22093 - () http://secunia.com/advisories/22093 -
References (UBUNTU) https://usn.ubuntu.com/281-1/ - () https://usn.ubuntu.com/281-1/ -
References (BUGTRAQ) http://www.securityfocus.com/archive/1/451417/100/200/threaded - () http://www.securityfocus.com/archive/1/451417/100/200/threaded -
References (TRUSTIX) http://www.trustix.org/errata/2006/0032/ - () http://www.trustix.org/errata/2006/0032/ -
References (DEBIAN) http://www.debian.org/security/2006/dsa-1097 - () http://www.debian.org/security/2006/dsa-1097 -
References (BUGTRAQ) http://www.securityfocus.com/archive/1/451404/100/0/threaded - () http://www.securityfocus.com/archive/1/451404/100/0/threaded -
References (SECUNIA) http://secunia.com/advisories/22875 - () http://secunia.com/advisories/22875 -
References (BUGTRAQ) http://www.securityfocus.com/archive/1/451426/100/200/threaded - () http://www.securityfocus.com/archive/1/451426/100/200/threaded -
References (DEBIAN) http://www.debian.org/security/2006/dsa-1184 - () http://www.debian.org/security/2006/dsa-1184 -
References (REDHAT) http://www.redhat.com/support/errata/RHSA-2006-0580.html - () http://www.redhat.com/support/errata/RHSA-2006-0580.html -
References (SECUNIA) http://secunia.com/advisories/20671 - () http://secunia.com/advisories/20671 -
References (CONFIRM) http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm - () http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm -
References (OSVDB) http://www.osvdb.org/29841 - () http://www.osvdb.org/29841 -
References (SECUNIA) http://secunia.com/advisories/21465 - () http://secunia.com/advisories/21465 -
References (REDHAT) http://www.redhat.com/support/errata/RHSA-2006-0575.html - () http://www.redhat.com/support/errata/RHSA-2006-0575.html -
References (SECUNIA) http://secunia.com/advisories/21045 - () http://secunia.com/advisories/21045 -
References (SECUNIA) http://secunia.com/advisories/22417 - () http://secunia.com/advisories/22417 -
References (REDHAT) http://www.redhat.com/support/errata/RHSA-2006-0437.html - () http://www.redhat.com/support/errata/RHSA-2006-0437.html -
References (BUGTRAQ) http://www.securityfocus.com/archive/1/435490/100/0/threaded - () http://www.securityfocus.com/archive/1/435490/100/0/threaded -
References (CONFIRM) http://www.vmware.com/download/esx/esx-213-200610-patch.html - () http://www.vmware.com/download/esx/esx-213-200610-patch.html -
References (CONFIRM) http://www.vmware.com/download/esx/esx-254-200610-patch.html - () http://www.vmware.com/download/esx/esx-254-200610-patch.html -
References (SECUNIA) http://secunia.com/advisories/21983 - () http://secunia.com/advisories/21983 -
References (SECUNIA) http://secunia.com/advisories/19955 - () http://secunia.com/advisories/19955 -
References (VUPEN) http://www.vupen.com/english/advisories/2006/4502 - () http://www.vupen.com/english/advisories/2006/4502 -
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/25425 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/25425 -
References (MLIST) http://marc.info/?l=linux-netdev&m=114148078223594&w=2 - () http://marc.info/?l=linux-netdev&m=114148078223594&w=2 -
References (CONFIRM) http://www.vmware.com/download/esx/esx-202-200610-patch.html - () http://www.vmware.com/download/esx/esx-202-200610-patch.html -
References (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDKSA-2006:123 - () http://www.mandriva.com/security/advisories?name=MDKSA-2006:123 -
References (SECUNIA) http://secunia.com/advisories/19357 - () http://secunia.com/advisories/19357 -
References (REDHAT) http://www.redhat.com/support/errata/RHSA-2006-0579.html - () http://www.redhat.com/support/errata/RHSA-2006-0579.html -
References (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDKSA-2006:150 - () http://www.mandriva.com/security/advisories?name=MDKSA-2006:150 -
References (SECUNIA) http://secunia.com/advisories/21136 - () http://secunia.com/advisories/21136 -
References (VUPEN) http://www.vupen.com/english/advisories/2006/2071 - () http://www.vupen.com/english/advisories/2006/2071 -
References (CONFIRM) http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm - () http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm -
References (BUGTRAQ) http://www.securityfocus.com/archive/1/451419/100/200/threaded - () http://www.securityfocus.com/archive/1/451419/100/200/threaded -
References (BID) http://www.securityfocus.com/bid/17203 - () http://www.securityfocus.com/bid/17203 -
Information

Published : 2006-03-21 18:02

Updated : 2024-11-21 00:08

NVD link : CVE-2006-1343

Mitre link : CVE-2006-1343

CVE.ORG link : CVE-2006-1343

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024