Vulnerabilities > CVE-2006-5396 - Local Denial of Service vulnerability in SUN Solaris 10.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The tcp_fuse_rcv_drain function in the Sun Solaris 10 kernel before 20061017, when TCP Fusion is enabled, allows local users to cause a denial of service (system crash) via a TCP loopback connection with both endpoints on the same system.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_118855.NASL description SunOS 5.10_x86: kernel patch. Date this patch was last updated by Sun : Jan/29/07 This plugin has been deprecated and either replaced with individual 118855 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 22154 published 2006-08-04 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=22154 title Solaris 10 (x86) : 118855-36 (deprecated) NASL family Solaris Local Security Checks NASL id SOLARIS10_118833.NASL description SunOS 5.10: kernel patch. Date this patch was last updated by Sun : Jan/29/07 This plugin has been deprecated and either replaced with individual 118833 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 21792 published 2006-07-03 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=21792 title Solaris 10 (sparc) : 118833-36 (deprecated)
Oval
accepted | 2007-09-27T08:57:45.983-04:00 | ||||||||
class | vulnerability | ||||||||
contributors |
| ||||||||
definition_extensions |
| ||||||||
description | The tcp_fuse_rcv_drain function in the Sun Solaris 10 kernel before 20061017, when TCP Fusion is enabled, allows local users to cause a denial of service (system crash) via a TCP loopback connection with both endpoints on the same system. | ||||||||
family | unix | ||||||||
id | oval:org.mitre.oval:def:2199 | ||||||||
status | accepted | ||||||||
submitted | 2007-08-10T12:25:23.000-04:00 | ||||||||
title | Security Vulnerability in the Solaris 10 TCP Fusion Code May Lead to a System Panic, Resulting in a Denial of Service (DoS) | ||||||||
version | 35 |
References
- http://secunia.com/advisories/22453
- http://securitytracker.com/id?1017082
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102667-1
- http://www.securityfocus.com/bid/20587
- http://www.vupen.com/english/advisories/2006/4080
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29630
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2199