CVE-2005-2973

low

Description

The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).

References

http://linux.bkbits.net:8080/linux-2.6/[email protected]_3FGhUrrU-FXLlQIA

http://secunia.com/advisories/17261

http://secunia.com/advisories/17280

http://secunia.com/advisories/17917

http://secunia.com/advisories/17918

http://secunia.com/advisories/18562

http://secunia.com/advisories/18684

http://secunia.com/advisories/19185

http://secunia.com/advisories/19369

http://secunia.com/advisories/19374

http://secunia.com/advisories/20237

http://secunia.com/advisories/21745

http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm

http://www.debian.org/security/2006/dsa-1017

http://www.debian.org/security/2006/dsa-1018

http://www.mandriva.com/security/advisories?name=MDKSA-2006:040

http://www.mandriva.com/security/advisories?name=MDKSA-2006:072

http://www.osvdb.org/20163

http://www.redhat.com/support/errata/RHSA-2006-0140.html

http://www.redhat.com/support/errata/RHSA-2006-0190.html

http://www.redhat.com/support/errata/RHSA-2006-0191.html

http://www.redhat.com/support/errata/RHSA-2006-0493.html

http://www.securityfocus.com/advisories/9549

http://www.securityfocus.com/advisories/9555

http://www.securityfocus.com/advisories/9806

http://www.securityfocus.com/archive/1/419522/100/0/threaded

http://www.securityfocus.com/archive/1/427980/100/0/threaded

http://www.securityfocus.com/archive/1/428028/100/0/threaded

http://www.securityfocus.com/archive/1/428058/100/0/threaded

http://www.securityfocus.com/bid/15156

http://www.vupen.com/english/advisories/2005/2173

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170772

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10041

https://usn.ubuntu.com/219-1/

Details

Source: MITRE

Published: 2005-10-27

Updated: 2018-10-19

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.14:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.14:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.14:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.14:rc4:*:*:*:*:*:*

Tenable Plugins

| ID | Name | Product | Family | Severity |
| --- | --- | --- | --- | --- |
| 65105 | Ubuntu 4.10 / 5.10 : linux-source-2.6.8.1/-2.6.10/-2.6.12 vulnerabilities (USN-219-1) | Nessus | Ubuntu Local Security Checks | medium |
| 22560 | Debian DSA-1018-2 : kernel-source-2.4.27 - several vulnerabilities | Nessus | Debian Local Security Checks | high |
| 22559 | Debian DSA-1017-1 : kernel-source-2.6.8 - several vulnerabilities | Nessus | Debian Local Security Checks | critical |
| 21997 | CentOS 4 : kernel (CESA-2006:0493) | Nessus | CentOS Local Security Checks | high |
| 21881 | CentOS 3 : kernel (CESA-2006:0140) | Nessus | CentOS Local Security Checks | high |
| 21592 | RHEL 4 : kernel (RHSA-2006:0493) | Nessus | Red Hat Local Security Checks | high |
| 20939 | Mandrake Linux Security Advisory : kernel (MDKSA-2006:040) | Nessus | Mandriva Local Security Checks | medium |
| 20855 | RHEL 2.1 : kernel (RHSA-2006:0191) | Nessus | Red Hat Local Security Checks | medium |
| 20751 | RHEL 3 : kernel (RHSA-2006:0140) | Nessus | Red Hat Local Security Checks | high |
| 20078 | Fedora Core 4 : kernel-2.6.13-1.1532_FC4 (2005-1013) | Nessus | Fedora Local Security Checks | low |
| 20073 | Fedora Core 3 : kernel-2.6.12-1.1380_FC3 (2005-1007) | Nessus | Fedora Local Security Checks | medium |
| 801418 | CentOS RHSA-2006-0493 Security Check | Log Correlation Engine | Generic | high |
| 801415 | CentOS RHSA-2006-0140 Security Check | Log Correlation Engine | Generic | high |