Vulnerabilities > CVE-2006-6654 - Denial-Of-Service vulnerability in NetBSD

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

netbsd

NVD

Published: 2006-12-20

Updated: 2008-09-05

Summary

The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029, when run on a 64-bit architecture, allows attackers to cause a denial of service (kernel panic) via an invalid msg_controllen parameter to the sendit function.

Vulnerable Configurations

Part	Description	Count
OS	Netbsd Netbsd Netbsd 2.0 Netbsd Netbsd 2.1 Netbsd Netbsd 3.0 Netbsd Netbsd 3.0.1	4

References

ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc
http://securitytracker.com/id?1017293