CVE-2006-5749

low
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux 2.4 kernel before 2.4.34-rc4 does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash.

References

http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.34

http://secunia.com/advisories/23529

http://secunia.com/advisories/23609

http://secunia.com/advisories/23752

http://secunia.com/advisories/24098

http://secunia.com/advisories/24100

http://secunia.com/advisories/24547

http://secunia.com/advisories/25226

http://secunia.com/advisories/25683

http://secunia.com/advisories/25691

http://www.kernel.org/git/?p=linux/kernel/git/wtarreau/linux-2.4.git;a=commitdiff;h=05dca9b77f99d80cf615075624666106d5b61727

http://www.mandriva.com/security/advisories?name=MDKSA-2007:012

http://www.mandriva.com/security/advisories?name=MDKSA-2007:025

http://www.mandriva.com/security/advisories?name=MDKSA-2007:040

http://www.novell.com/linux/security/advisories/2007_18_kernel.html

http://www.novell.com/linux/security/advisories/2007_21_kernel.html

http://www.novell.com/linux/security/advisories/2007_30_kernel.html

http://www.novell.com/linux/security/advisories/2007_35_kernel.html

http://www.securityfocus.com/archive/1/471457

http://www.securityfocus.com/bid/21835

http://www.securityfocus.com/bid/21883

http://www.trustix.org/errata/2007/0002/

http://www.ubuntu.com/usn/usn-416-1

Details

Source: MITRE

Published: 2006-12-31

Updated: 2010-09-15

Risk Information

CVSS v2

Base Score: 1.7

Vector: AV:L/AC:L/Au:S/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 3.1

Severity: LOW

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:rc3:*:*:*:*:*:* versions up to 2.4.34 (inclusive)

Tenable Plugins

View all (7 total)

IDNameProductFamilySeverity
59122SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 2605)NessusSuSE Local Security Checks
high
29486SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 2606)NessusSuSE Local Security Checks
high
28005Ubuntu 5.10 / 6.06 LTS / 6.10 : linux-source-2.6.12/2.6.15/2.6.17 vulnerabilities (USN-416-1)NessusUbuntu Local Security Checks
high
27293openSUSE 10 Security Update : kernel (kernel-2705)NessusSuSE Local Security Checks
high
27292openSUSE 10 Security Update : kernel (kernel-2635)NessusSuSE Local Security Checks
high
24653Mandrake Linux Security Advisory : kernel (MDKSA-2007:040)NessusMandriva Local Security Checks
high
24628Mandrake Linux Security Advisory : kernel (MDKSA-2007:012)NessusMandriva Local Security Checks
high