Vulnerabilities > CVE-2006-0138 - Remote Denial of Service vulnerability in aMSN

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
amsn
nessus
exploit available

Summary

aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denial of service (client hang and termination of client's instant-messaging session) by repeatedly sending crafted data to the default file-transfer port (TCP 6891).

Vulnerable Configurations

Part Description Count
Application
Amsn
1

Exploit-Db

descriptionaMSN Remote Denial of Service Vulnerability. CVE-2006-0138. Dos exploits for multiple platform
idEDB-ID:37692
last seen2016-02-04
modified2006-01-01
published2006-01-01
reporterBraulio Miguel Suarez Urquijo
sourcehttps://www.exploit-db.com/download/37692/
titleaMSN Remote Denial of Service Vulnerability

Nessus

NASL familyFedora Local Security Checks
NASL idFEDORA_2012-12151.NASL
descriptionUpdate to a new version which fixes a lot of things, including webcam support. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen2020-03-17
modified2012-08-27
plugin id61670
published2012-08-27
reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/61670
titleFedora 17 : amsn-0.98.9-4.fc17 (2012-12151)
code
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2012-12151.
#

include("compat.inc");

if (description)
{
  script_id(61670);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");

  script_cve_id("CVE-2006-0138");
  script_xref(name:"FEDORA", value:"2012-12151");

  script_name(english:"Fedora 17 : amsn-0.98.9-4.fc17 (2012-12151)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Update to a new version which fixes a lot of things, including webcam
support.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=821416"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2012-August/085587.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?3a7b26f4"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected amsn package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:amsn");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:17");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/08/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/27");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^17([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 17.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC17", reference:"amsn-0.98.9-4.fc17")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "amsn");
}