Vulnerability Name: | CVE-2006-4516 (CCN-29476) | ||||||||
Assigned: | 2006-10-10 | ||||||||
Published: | 2006-10-10 | ||||||||
Updated: | 2017-07-20 | ||||||||
Summary: | Integer signedness error in FreeBSD 6.0-RELEASE allows local users to cause a denial of service (memory corruption and kernel panic) via a PT_LWPINFO ptrace command with a large negative data value that satisfies a signed maximum value check but is used in an unsigned copyout function call. | ||||||||
CVSS v3 Severity: | 6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
| ||||||||
CVSS v2 Severity: | 4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.0 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:U/RC:UR)
4.0 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:U/RC:UR)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Denial of Service | ||||||||
References: | Source: MITRE Type: CNA CVE-2006-4516 Source: IDEFENSE Type: Patch, Vendor Advisory 20061010 FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability Source: CCN Type: SA22367 FreeBSD "PT_LWPINFO" Ptrace Command Denial of Service Source: SECUNIA Type: UNKNOWN 22367 Source: CCN Type: OSVDB ID: 29611 FreeBSD PT_LWPINFO ptrace Local DoS Source: BID Type: UNKNOWN 20440 Source: CCN Type: BID-20440 FreeBSD PTrace PT_LWPINFO Local Denial of Service Vulnerability Source: XF Type: UNKNOWN freebsd-ptlwpinfo-ptrace-dos(29476) Source: XF Type: UNKNOWN freebsd-ptlwpinfo-ptrace-dos(29476) Source: CCN Type: iDefense Labs PUBLIC ADVISORY: 10.10.06 FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability | ||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
BACK |