Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-6106

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-6106
Last Modified 19 Mar 2012 12:00:00
Published 19 Dec 2006 02:28:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-6106

Summary

Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field.

Vulnerable Systems

Operating System

  • Linux Kernel 2.4.22

  • Linux Kernel 2.4.23

  • Linux Kernel 2.4.24

  • Linux Kernel 2.4.25

  • Linux Kernel 2.4.26

  • Linux Kernel 2.4.27

  • Linux Kernel 2.4.28

  • Linux Kernel 2.4.29

  • Linux Kernel 2.4.30

  • Linux Kernel 2.4.31

  • Linux Kernel 2.4.32

  • Linux Kernel 2.4.33

  • Linux Kernel 2.4.33.1

  • Linux Kernel 2.4.33.2

  • Linux Kernel 2.4.33.3

  • Linux Kernel 2.4.33.4

  • Linux Kernel 2.6.10

  • Linux Kernel 2.6.11

  • Linux Kernel 2.6.11.1

  • Linux Kernel 2.6.11.10

  • Linux Kernel 2.6.11.11

  • Linux Kernel 2.6.11.12

  • Linux Kernel 2.6.11.2

  • Linux Kernel 2.6.11.3

  • Linux Kernel 2.6.11.4

  • Linux Kernel 2.6.11.5

  • Linux Kernel 2.6.11.6

  • Linux Kernel 2.6.11.7

  • Linux Kernel 2.6.11.8

  • Linux Kernel 2.6.11.9

  • Linux Kernel 2.6.12

  • Linux Kernel 2.6.12.1

  • Linux Kernel 2.6.12.2

  • Linux Kernel 2.6.12.3

  • Linux Kernel 2.6.12.4

  • Linux Kernel 2.6.12.5

  • Linux Kernel 2.6.12.6

  • Linux Kernel 2.6.13

  • Linux Kernel 2.6.13.1

  • Linux Kernel 2.6.13.2

  • Linux Kernel 2.6.13.3

  • Linux Kernel 2.6.13.4

  • Linux Kernel 2.6.13.5

  • Linux Kernel 2.6.14

  • Linux Kernel 2.6.14.1

  • Linux Kernel 2.6.14.2

  • Linux Kernel 2.6.14.3

  • Linux Kernel 2.6.14.4

  • Linux Kernel 2.6.14.5

  • Linux Kernel 2.6.14.6

  • Linux Kernel 2.6.14.7

  • Linux Kernel 2.6.15

  • Linux Kernel 2.6.15.1

  • Linux Kernel 2.6.15.2

  • Linux Kernel 2.6.15.3

  • Linux Kernel 2.6.15.4

  • Linux Kernel 2.6.15.5

  • Linux Kernel 2.6.15.6

  • Linux Kernel 2.6.15.7

  • Linux Kernel 2.6.16

  • Linux Kernel 2.6.16.1

  • Linux Kernel 2.6.16.10

  • Linux Kernel 2.6.16.11

  • Linux Kernel 2.6.16.12

  • Linux Kernel 2.6.16.13

  • Linux Kernel 2.6.16.14

  • Linux Kernel 2.6.16.15

  • Linux Kernel 2.6.16.16

  • Linux Kernel 2.6.16.17

  • Linux Kernel 2.6.16.18

  • Linux Kernel 2.6.16.19

  • Linux Kernel 2.6.16.2

  • Linux Kernel 2.6.16.20

  • Linux Kernel 2.6.16.21

  • Linux Kernel 2.6.16.22

  • Linux Kernel 2.6.16.23

  • Linux Kernel 2.6.16.24

  • Linux Kernel 2.6.16.25

  • Linux Kernel 2.6.16.26

  • Linux Kernel 2.6.16.27

  • Linux Kernel 2.6.16.28

  • Linux Kernel 2.6.16.29

  • Linux Kernel 2.6.16.3

  • Linux Kernel 2.6.16.30

  • Linux Kernel 2.6.16.31

  • Linux Kernel 2.6.16.32

  • Linux Kernel 2.6.16.33

  • Linux Kernel 2.6.16.34

  • Linux Kernel 2.6.16.35

  • Linux Kernel 2.6.16.36

  • Linux Kernel 2.6.16.37

  • Linux Kernel 2.6.16.38

  • Linux Kernel 2.6.16.39

  • Linux Kernel 2.6.16.4

  • Linux Kernel 2.6.16.40

  • Linux Kernel 2.6.16.41

  • Linux Kernel 2.6.16.42

  • Linux Kernel 2.6.16.43

  • Linux Kernel 2.6.16.44

  • Linux Kernel 2.6.16.45

  • Linux Kernel 2.6.16.46

  • Linux Kernel 2.6.16.47

  • Linux Kernel 2.6.16.48

  • Linux Kernel 2.6.16.49

  • Linux Kernel 2.6.16.5

  • Linux Kernel 2.6.16.50

  • Linux Kernel 2.6.16.51

  • Linux Kernel 2.6.16.52

  • Linux Kernel 2.6.16.53

  • Linux Kernel 2.6.16.54

  • Linux Kernel 2.6.16.55

  • Linux Kernel 2.6.16.56

  • Linux Kernel 2.6.16.57

  • Linux Kernel 2.6.16.58

  • Linux Kernel 2.6.16.59

  • Linux Kernel 2.6.16.6

  • Linux Kernel 2.6.16.60

  • Linux Kernel 2.6.16.61

  • Linux Kernel 2.6.16.62

  • Linux Kernel 2.6.16.7

  • Linux Kernel 2.6.16.8

  • Linux Kernel 2.6.16.9

  • Linux Kernel 2.6.17

  • Linux Kernel 2.6.17.1

  • Linux Kernel 2.6.17.10

  • Linux Kernel 2.6.17.11

  • Linux Kernel 2.6.17.12

  • Linux Kernel 2.6.17.13

  • Linux Kernel 2.6.17.14

  • Linux Kernel 2.6.17.2

  • Linux Kernel 2.6.17.3

  • Linux Kernel 2.6.17.4

  • Linux Kernel 2.6.17.5

  • Linux Kernel 2.6.17.6

  • Linux Kernel 2.6.17.7

  • Linux Kernel 2.6.17.8

  • Linux Kernel 2.6.17.9

  • Linux Kernel 2.6.18

  • Linux Kernel 2.6.18.1

  • Linux Kernel 2.6.18.2

  • Linux Kernel 2.6.18.3

  • Linux Kernel 2.6.18.4

  • Linux Kernel 2.6.18.5

  • Linux Kernel 2.6.19

  • Linux Kernel 2.6.19.1

  • Linux Kernel 2.6.19.2

  • Linux Kernel 2.6.19.3

  • Linux Kernel 2.6.19.4

  • Linux Kernel 2.6.19.5

  • Linux Kernel 2.6.19.6

  • Linux Kernel 2.6.19.7

  • Linux Kernel 2.6.2

  • Linux Kernel 2.6.3

  • Linux Kernel 2.6.4

  • Linux Kernel 2.6.5

  • Linux Kernel 2.6.6

  • Linux Kernel 2.6.7

  • Linux Kernel 2.6.8

  • Linux Kernel 2.6.8.1

  • Linux Kernel 2.6.9


References

SECUNIA - 23427

SECUNIA - 23408

MLIST - [linux-kernel] 20061215 [patch 24/24] Bluetooth: Add packet size checks for CAPI messages (CVE-2006-6106)

CONFIRM - http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.5

CONFIRM - https://issues.rpath.com/browse/RPL-848

MISC - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218602

XF - kernel-cmtprecvinteropmsg-bo(30912)

VUPEN - ADV-2006-5037

UBUNTU - USN-416-1

TRUSTIX - 2007-0002

BID - 21604

BUGTRAQ - 20070209 rPSA-2007-0031-1 kernel

BUGTRAQ - 20070615 rPSA-2007-0124-1 kernel xen

SUSE - SUSE-SA:2007:053

SUSE - SUSE-SA:2007:035

SUSE - SUSE-SA:2007:030

SUSE - SUSE-SA:2007:021

SUSE - SUSE-SA:2007:018

MANDRIVA - MDKSA-2007:025

MANDRIVA - MDKSA-2007:012

MANDRIVA - MDKSA-2007:002

DEBIAN - DSA-1503

DEBIAN - DSA-1304

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm

SECUNIA - 29058

SECUNIA - 27227

SECUNIA - 25714

SECUNIA - 25691

SECUNIA - 25683

SECUNIA - 25226

SECUNIA - 24547

SECUNIA - 24206

SECUNIA - 24105

SECUNIA - 24098

SECUNIA - 23997

SECUNIA - 23752

SECUNIA - 23609

SECUNIA - 23593

REDHAT - RHSA-2007:0014

MLIST - [linux-kernel] 20061219 Linux 2.6.18.6

Related Patches

Novell SUSE 2007:2606 kernel security update for SLE 10 i586


Last Updated: 27 May 2016 10:59:54