Lucene search

MitreCVE-2006-5679

HistoryNov 03, 2006 - 10:07 p.m.

CVE-2006-5679

2006-11-0322:07:00

CWE-189

mitre

web.nvd.nist.gov

cve

integer overflow

freebsd

denial of service

arbitrary code execution

ufs filesystem

nvd

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.2

Confidence

High

EPSS

0.001

Percentile

37.3%

JSON

Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted UFS filesystem that causes invalid or large size parameters to be provided to the kmem_alloc function. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.

Affected configurations

Nvd

Node

freebsdfreebsdMatch6.1

VendorProductVersionCPE
freebsdfreebsd6.1cpe:2.3:o:freebsd:freebsd:6.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
freebsd	freebsd	6.1	cpe:2.3:o:freebsd:freebsd:6.1:::::::*

References

docs.info.apple.com/article.html?artnum=305214

lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

lists.freebsd.org/pipermail/freebsd-security/2007-January/004218.html

projects.info-pull.com/mokb/MOKB-03-11-2006.html

secunia.com/advisories/22736

secunia.com/advisories/24479

www.kb.cert.org/vuls/id/552136

www.securityfocus.com/bid/20918

www.securitytracker.com/id?1017751

www.us-cert.gov/cas/techalerts/TA07-072A.html

www.vupen.com/english/advisories/2007/0930

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.2

Confidence

High

EPSS

0.001

Percentile

37.3%

JSON

Related for CVE-2006-5679