Vulnerability CVE-2006-6719

Vulnerability Name:

CVE-2006-6719 (CCN-31184)

Assigned:

2006-12-18

Published:

2006-12-18

Updated:

2017-10-19

Summary:

The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) GNU wget 1.10.2 allows remote attackers to cause a denial of service (application crash) via a malicious FTP server with a large number of blank 220 responses to the SYST command.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
4.2 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:U/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
4.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:U/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2006-6719

Source: CCN
Type: GNU Project Web site
GNU wget

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:017

Source: CCN
Type: OSVDB ID: 32755
GNU wget ftp-basic.c ftp_syst Function SYST Command Remote DoS

Source: BID
Type: Exploit
21650

Source: CCN
Type: BID-21650
GNU Wget FTP_Syst Function Remote Denial of Service Vulnerability

Source: XF
Type: UNKNOWN
gnu-wget-ftpsyst-dos(31184)

Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-930

Source: EXPLOIT-DB
Type: UNKNOWN
2947

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnu:wget:1.5.3:*:*:*:*:*:*:*

OR cpe:/a:gnu:wget:1.6:*:*:*:*:*:*:*

OR cpe:/a:gnu:wget:1.7:*:*:*:*:*:*:*

OR cpe:/a:gnu:wget:1.7.1:*:*:*:*:*:*:*

OR cpe:/a:gnu:wget:1.8:*:*:*:*:*:*:*

OR cpe:/a:gnu:wget:1.8.1:*:*:*:*:*:*:*

OR cpe:/a:gnu:wget:1.8.2:*:*:*:*:*:*:*

OR cpe:/a:gnu:wget:1.9:*:*:*:*:*:*:*

OR cpe:/a:gnu:wget:1.9.1:*:*:*:*:*:*:*

OR cpe:/a:gnu:wget:1.10:*:*:*:*:*:*:*

OR cpe:/a:gnu:wget:1.10.1:*:*:*:*:*:*:*

OR cpe:/a:gnu:wget:1.10.2:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20066719	V	CVE-2006-6719	2022-06-30
oval:org.opensuse.security:def:113582	P	wget-1.21.1-2.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31334	P	Security update for log4j (Important)	2021-12-17
oval:org.opensuse.security:def:32241	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:32236	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:42247	P	Security update for xen (Moderate)	2021-12-07
oval:org.opensuse.security:def:26181	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:31319	P	Security update for openssh (Important)	2021-12-06
oval:org.opensuse.security:def:31308	P	Security update for postgresql96 (Important)	2021-11-22
oval:org.opensuse.security:def:31307	P	Security update for postgresql, postgresql13, postgresql14 (Important)	2021-11-20
oval:org.opensuse.security:def:26166	P	Security update for php74 (Moderate)	2021-11-18
oval:org.opensuse.security:def:26155	P	Security update for cairo (Low)	2021-10-22
oval:org.opensuse.security:def:33018	P	Security update for webkit2gtk3 (Important)	2021-10-06
oval:org.opensuse.security:def:106968	P	wget-1.21.1-2.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:32187	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:32190	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:31674	P	Security update for aspell (Important)	2021-08-25
oval:org.opensuse.security:def:26110	P	Security update for aspell (Important)	2021-08-25
oval:org.opensuse.security:def:26108	P	Security update for openssl-1_1 (Important)	2021-08-24
oval:org.opensuse.security:def:32979	P	Security update for libmspack (Moderate)	2021-08-17
oval:org.opensuse.security:def:32154	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:32133	P	Security update for libgcrypt (Important)	2021-06-24
oval:org.opensuse.security:def:32131	P	Security update for ovmf (Important)	2021-06-22
oval:org.opensuse.security:def:32127	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:31202	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:26074	P	Security update for freeradius-server (Moderate)	2021-06-11
oval:org.opensuse.security:def:36321	P	wget-1.11.4-1.19.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42728	P	wget-1.11.4-1.19.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31617	P	Security update for samba (Important)	2021-05-04
oval:org.opensuse.security:def:32083	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:31607	P	Security update for qemu (Important)	2021-04-16
oval:org.opensuse.security:def:32061	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:26212	P	Security update for python3 (Moderate)	2021-03-19
oval:org.opensuse.security:def:32277	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:32275	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:31739	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:26191	P	Security update for jasper (Important)	2021-02-16
oval:org.opensuse.security:def:31726	P	Security update for the Linux Kernel (Important)	2021-02-12
oval:org.opensuse.security:def:26122	P	Security update for python-urllib3 (Moderate)	2021-02-03
oval:org.opensuse.security:def:26030	P	Security update for php72 (Moderate)	2021-01-14
oval:org.opensuse.security:def:26069	P	Security update for java-1_7_1-ibm (Moderate)	2021-01-04
oval:org.opensuse.security:def:32097	P	Security update for flac (Moderate)	2021-01-04
oval:org.opensuse.security:def:32022	P	Security update for xen (Moderate)	2020-12-29
oval:org.opensuse.security:def:31570	P	Security update for cyrus-sasl (Important)	2020-12-28
oval:org.opensuse.security:def:25975	P	Security update for openssl-1_0_0 (Important)	2020-12-09
oval:org.opensuse.security:def:32005	P	Security update for xen (Important)	2020-12-07
oval:org.opensuse.security:def:42764	P	wget-openssl1-1.11.4-1.22.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:36055	P	wget-1.11.4-1.15.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42462	P	wget-1.11.4-1.15.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35648	P	wget-1.11.4-1.15.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:36357	P	wget-openssl1-1.11.4-1.22.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35840	P	wget-1.11.4-1.15.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42055	P	wget-1.11.4-1.15.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25967	P	Security update for python3 (Important)	2020-12-02
oval:org.opensuse.security:def:26624	P	pam_krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32765	P	pango on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31823	P	Security update for bash (Moderate)	2020-12-01
oval:org.opensuse.security:def:25594	P	Security update for targetcli-fb (Moderate)	2020-12-01
oval:org.opensuse.security:def:26332	P	Security update for karchive (Important)	2020-12-01
oval:org.opensuse.security:def:32643	P	coolkey on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25604	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25982	P	Security update for bash (Moderate)	2020-12-01
oval:org.opensuse.security:def:31888	P	Security update for evince (Moderate)	2020-12-01
oval:org.opensuse.security:def:32489	P	apache2-mod_php5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26380	P	Security update for irssi (Moderate)	2020-12-01
oval:org.opensuse.security:def:31533	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:26234	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:31892	P	Security update for expat (Moderate)	2020-12-01
oval:org.opensuse.security:def:25211	P	Security update for mariadb-100 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25889	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:32541	P	krb5-plugin-kdb-ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26648	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25871	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:27284	P	radvd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31873	P	Security update for cvs (Moderate)	2020-12-01
oval:org.opensuse.security:def:25816	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26549	P	ft2demos on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25466	P	Security update for libxml2 (Low)	2020-12-01
oval:org.opensuse.security:def:26248	P	Security update for freerdp (Moderate)	2020-12-01
oval:org.opensuse.security:def:31973	P	Security update for jakarta-taglibs-standard (Important)	2020-12-01
oval:org.opensuse.security:def:32599	P	qt3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25918	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32433	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:26336	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:27355	P	wget-openssl1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31522	P	Security update for rsync (Moderate)	2020-12-01
oval:org.opensuse.security:def:32041	P	Security update for krb5 (Important)	2020-12-01
oval:org.opensuse.security:def:31870	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:25200	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25808	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:32502	P	dhcp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26613	P	mono-core on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25870	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25878	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26646	P	unzip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31799	P	Security update for SDL (Moderate)	2020-12-01
oval:org.opensuse.security:def:25541	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26500	P	Security update for ffmpeg-4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:33284	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25402	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:31917	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:32577	P	man on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26839	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25907	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31525	P	Security update for rsyslog	2020-12-01
oval:org.opensuse.security:def:26322	P	Security update for ffmpeg (Moderate)	2020-12-01
oval:org.opensuse.security:def:27320	P	wireshark on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31521	P	Security update for rsync (Moderate)	2020-12-01
oval:org.opensuse.security:def:31909	P	Security update for freetype2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26585	P	libexif on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32341	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25199	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25680	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31483	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:31128	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:31831	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:25829	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26602	P	libsndfile on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32613	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31788	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25484	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26447	P	Security update for pdns (Important)	2020-12-01
oval:org.opensuse.security:def:33245	P	python-pywbem on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25391	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:31761	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32538	P	kernel-default on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26804	P	perl-HTML-Parser on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25906	P	Security update for sane-backends (Moderate)	2020-12-01
oval:org.opensuse.security:def:31393	P	Security update for pam_pkcs11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26682	P	cyrus-imapd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31835	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:25732	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:26536	P	dbus-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32297	P	Security update for procps (Moderate)	2020-12-01
oval:org.opensuse.security:def:33320	P	wget-openssl1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25616	P	Security update for less (Moderate)	2020-12-01
oval:org.opensuse.security:def:25931	P	Security update for libcares2 (Low)	2020-12-01
oval:org.opensuse.security:def:27053	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31117	P	Security update for krb5 (Important)	2020-12-01
oval:org.opensuse.security:def:25776	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:26588	P	libicu-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32574	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31787	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25403	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26296	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:32607	P	sysstat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25390	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:25946	P	Security update for gnome-shell (Low)	2020-12-01
oval:org.opensuse.security:def:32453	P	Security update for xfsprogs (Moderate)	2020-12-01
oval:org.opensuse.security:def:26020	P	Security update for libraw (Moderate)	2020-12-01
oval:org.opensuse.security:def:26638	P	squid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32804	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31824	P	Security update for bash (Low)	2020-12-01
oval:org.opensuse.security:def:25675	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26483	P	Security update for chromium (Moderate)	2020-12-01
oval:org.opensuse.security:def:33281	P	vsftpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25605	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:31975	P	Security update for jasper (Important)	2020-12-01
oval:org.opensuse.security:def:25917	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:27018	P	pure-ftpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31116	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25625	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26283	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31936	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:25275	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31782	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32563	P	libpulse-browse0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25882	P	Security update for python-tornado (Moderate)	2020-12-01
oval:org.opensuse.security:def:31426	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32397	P	Security update for unzip (Moderate)	2020-12-01
oval:org.opensuse.security:def:27319	P	wget on GA media (Moderate)	2020-12-01
oval:com.ubuntu.precise:def:20066719000	V	CVE-2006-6719 on Ubuntu 12.04 LTS (precise) - low.	2006-12-23
oval:com.ubuntu.xenial:def:200667190000000	V	CVE-2006-6719 on Ubuntu 16.04 LTS (xenial) - low.	2006-12-23
oval:com.ubuntu.trusty:def:20066719000	V	CVE-2006-6719 on Ubuntu 14.04 LTS (trusty) - low.	2006-12-23
oval:com.ubuntu.xenial:def:20066719000	V	CVE-2006-6719 on Ubuntu 16.04 LTS (xenial) - low.	2006-12-23

BACK