Vulnerability CVE-2006-0743

Vulnerability Name:

CVE-2006-0743 (CCN-25196)

Assigned:

2006-03-09

Published:

2006-03-09

Updated:

2017-07-20

Summary:

Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-134

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2006-0743

Source: CONFIRM
Type: Patch, Vendor Advisory
http://issues.apache.org/jira/browse/LOG4NET-67

Source: CCN
Type: log4net Web site
log4net - log4net Project

Source: CCN
Type: SA19241
Apache Log4net Denial of Service Vulnerability

Source: SECUNIA
Type: Patch, Vendor Advisory
19241

Source: SECUNIA
Type: Vendor Advisory
22932

Source: SUSE
Type: UNKNOWN
SUSE-SR:2006:026

Source: OSVDB
Type: UNKNOWN
23905

Source: CCN
Type: OSVDB ID: 23905
Apache Log4net LocalSyslogAppender Format String Memory Corruption DoS

Source: BID
Type: UNKNOWN
17095

Source: CCN
Type: BID-17095
Apache Log4Net Denial Of Service Vulnerability

Source: VUPEN
Type: Vendor Advisory
ADV-2006-0955

Source: XF
Type: UNKNOWN
log4net-localsyslogappender-dos(25196)

Source: XF
Type: UNKNOWN
log4net-localsyslogappender-dos(25196)

Source: SUSE
Type: SUSE-SR:2006:026
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:apache:log4net:1.2.9_beta:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:apache:log4net:1.2.9_beta:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20060743	V	CVE-2006-0743	2022-06-30
oval:org.opensuse.security:def:42392	P	Security update for curl (Important)	2022-05-27
oval:org.opensuse.security:def:42185	P	Security update for expat (Important)	2022-01-25
oval:org.opensuse.security:def:112959	P	log4net-1.2.10-75.6 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31712	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:32228	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:26165	P	Security update for libarchive (Moderate)	2021-11-17
oval:org.opensuse.security:def:31701	P	Security update for pcre (Moderate)	2021-11-10
oval:org.opensuse.security:def:31700	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:31296	P	Security update for binutils (Moderate)	2021-11-02
oval:org.opensuse.security:def:31699	P	Security update for binutils (Moderate)	2021-11-02
oval:org.opensuse.security:def:32206	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:106409	P	log4net-1.2.10-75.6 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:31688	P	Security update for python-urllib3 (Moderate)	2021-09-29
oval:org.opensuse.security:def:26125	P	Security update for grilo (Important)	2021-09-09
oval:org.opensuse.security:def:26112	P	Security update for sssd (Important)	2021-08-30
oval:org.opensuse.security:def:31257	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:31670	P	Security update for python-PyYAML (Important)	2021-08-24
oval:org.opensuse.security:def:32167	P	Security update for openssl (Important)	2021-08-24
oval:org.opensuse.security:def:31246	P	Security update for fetchmail (Moderate)	2021-08-18
oval:org.opensuse.security:def:31245	P	Security update for MozillaFirefox (Important)	2021-08-17
oval:org.opensuse.security:def:26104	P	Security update for libcares2 (Important)	2021-08-16
oval:org.opensuse.security:def:32154	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:32949	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:32118	P	Security update for freeradius-server (Moderate)	2021-06-11
oval:org.opensuse.security:def:26068	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:36234	P	log4net-1.2.10-1.36 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42641	P	log4net-1.2.10-1.36 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26060	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26046	P	Security update for libxml2 (Moderate)	2021-05-05
oval:org.opensuse.security:def:32910	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:31164	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:31612	P	Security update for gdm (Important)	2021-04-28
oval:org.opensuse.security:def:32067	P	Security update for fwupdate (Important)	2021-04-08
oval:org.opensuse.security:def:32065	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:32062	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:26214	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:32272	P	Security update for python (Moderate)	2021-03-16
oval:org.opensuse.security:def:26209	P	Security update for apache2 (Moderate)	2021-03-12
oval:org.opensuse.security:def:31331	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:31744	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:31090	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:32010	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:42017	P	log4net-1.2.10-1.36 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35778	P	log4net-1.2.10-1.36 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35985	P	log4net-1.2.10-1.36 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35610	P	log4net-1.2.10-1.36 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31445	P	Security update for poppler (Moderate)	2020-12-01
oval:org.opensuse.security:def:31793	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32536	P	kdelibs3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31555	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31911	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31452	P	Security update for postgresql10 (Important)	2020-12-01
oval:org.opensuse.security:def:31786	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32454	P	Security update for xorg-x11-libICE (Moderate)	2020-12-01
oval:org.opensuse.security:def:33197	P	log4net on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25237	P	Security update for libvpx (Moderate)	2020-12-01
oval:org.opensuse.security:def:25587	P	Security update for perl-PlRPC (Moderate)	2020-12-01
oval:org.opensuse.security:def:25879	P	Security update for pidgin-otr (Important)	2020-12-01
oval:org.opensuse.security:def:26610	P	log4net on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25340	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25670	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:26007	P	Security update for libid3tag (Moderate)	2020-12-01
oval:org.opensuse.security:def:26742	P	libcgroup1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25536	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25820	P	Security update for xerces-c (Moderate)	2020-12-01
oval:org.opensuse.security:def:26311	P	Security update for openstack-nova and openstack-neutron (Moderate)	2020-12-01
oval:org.opensuse.security:def:25783	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:25987	P	Security update for the Linux Kernel (Critical)	2020-12-01
oval:org.opensuse.security:def:26360	P	Security update for MozillaThunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:26515	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31532	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:31832	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:32575	P	log4net on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31960	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32703	P	libapr-util1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31453	P	Security update for postgresql10 (Low)	2020-12-01
oval:org.opensuse.security:def:31762	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31918	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:32310	P	Security update for quagga (Low)	2020-12-01
oval:org.opensuse.security:def:32476	P	Security update for yast2-storage (Moderate)	2020-12-01
oval:org.opensuse.security:def:25161	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:25365	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:25738	P	Security update for libxslt (Moderate)	2020-12-01
oval:org.opensuse.security:def:25893	P	Security update for gstreamer-0_10-plugins-base (Moderate)	2020-12-01
oval:org.opensuse.security:def:25404	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25754	P	Security update for flash-player (Moderate)	2020-12-01
oval:org.opensuse.security:def:26777	P	log4net on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25547	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:25877	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26949	P	libfreebl3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25784	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:26413	P	Security update for go1.8 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26559	P	gpg2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31078	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31854	P	Security update for cracklib (Moderate)	2020-12-01
oval:org.opensuse.security:def:31999	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:32742	P	log4net on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31464	P	Security update for postgresql94 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31819	P	Security update for augeas (Moderate)	2020-12-01
oval:org.opensuse.security:def:32366	P	Security update for supportutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:32520	P	glib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25162	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:25446	P	Security update for nfs-utils (Moderate)	2020-12-01
oval:org.opensuse.security:def:25791	P	Security update for kernel-source (Moderate)	2020-12-01
oval:org.opensuse.security:def:25937	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25328	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25532	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25905	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:25611	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:25961	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26253	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26984	P	log4net on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25795	P	Security update for kernel-source (Important)	2020-12-01
oval:org.opensuse.security:def:26462	P	Security update for Mozilla Thunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:27197	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31079	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:31388	P	Security update for openwsman (Important)	2020-12-01
oval:org.opensuse.security:def:31898	P	Security update for MozillaFirefox, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:31463	P	Security update for postgresql94 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31855	P	Security update for crash (Low)	2020-12-01
oval:org.opensuse.security:def:32021	P	Security update for kernel-firmware (Moderate)	2020-12-01
oval:org.opensuse.security:def:31538	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:31906	P	Security update for freeradius-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:32415	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:33158	P	libltdl7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25173	P	Security update for ant (Moderate)	2020-12-01
oval:org.opensuse.security:def:25503	P	Security update for apache2 (Important)	2020-12-01
oval:org.opensuse.security:def:25840	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:26575	P	krb5-doc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25329	P	Security update for spice-gtk (Moderate)	2020-12-01
oval:org.opensuse.security:def:25613	P	Security update for libsolv (Moderate)	2020-12-01
oval:org.opensuse.security:def:25958	P	Security update for libwpd (Important)	2020-12-01
oval:org.opensuse.security:def:25535	P	Security update for audiofile (Low)	2020-12-01
oval:org.opensuse.security:def:25739	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26267	P	Security update for xawtv (Moderate)	2020-12-01
oval:org.opensuse.security:def:25859	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26501	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:27232	P	log4net on GA media (Moderate)	2020-12-01

BACK