Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0037

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2006-0037
Last Modified 07 Mar 2011 09:29:12
Published 23 Jan 2006 05:03:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-0037

Summary

ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and other versions, allows local users to cause a denial of service (memory corruption or crash) via a crafted outbound packet that causes an incorrect offset to be calculated from pointer arithmetic when non-linear SKBs (socket buffers) are used.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.14


References

VUPEN - ADV-2006-0220

CONFIRM - http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=03b9feca89366952ae5dfe4ad8107b1ece50b710

XF - kernel-pptpnathelper-dos(24204)

TRUSTIX - 2006-0004

BID - 16414

SREASON - 388

SECUNIA - 18482


Last Updated: 27 May 2016 10:41:30