Vulnerabilities > CVE-2006-1797 - Local Denial of Service vulnerability in NetBSD SIOCGIFALIAS IOCTL

CVSS 4.9 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

local

low complexity

netbsd

NVD

Published: 2006-04-18

Updated: 2017-07-20

Summary

The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference.

Vulnerable Configurations

Part	Description	Count
OS	Netbsd Netbsd Netbsd 1.6 Netbsd Netbsd 1.6.1 Netbsd Netbsd 1.6.2 Netbsd Netbsd 2.0 Netbsd Netbsd 2.0.1 Netbsd Netbsd 2.0.2 Netbsd Netbsd 2.0.3 Netbsd Netbsd 2.1 Netbsd Netbsd 3.0	10

References

http://archives.neohapsis.com/archives/netbsd/2006-q2/0014.html
http://secunia.com/advisories/19615
http://securitytracker.com/id?1015908
http://www.osvdb.org/24578
http://www.securityfocus.com/bid/17497
https://exchange.xforce.ibmcloud.com/vulnerabilities/25766