Vulnerabilities > CVE-2006-6655 - Denial-Of-Service vulnerability in NetBSD

CVSS 1.7 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

local

low complexity

netbsd

NVD

Published: 2006-12-20

Updated: 2008-09-05

Summary

The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (kernel panic) by attempting to access /emul/linux/proc/0/stat on a procfs filesystem that was mounted with mount_procfs -o linux, which results in a NULL pointer dereference.

Vulnerable Configurations

Part	Description	Count
OS	Netbsd Netbsd Netbsd 2.0 Netbsd Netbsd 2.1 Netbsd Netbsd 3.0 Netbsd Netbsd 3.0.1	4

References

ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc
http://securitytracker.com/id?1017293