 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2006-4304 |
| Description: | Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.57294 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2006-4304 BugTraq ID: 19684 http://www.securityfocus.com/bid/19684 FreeBSD Security Advisory: FreeBSD-SA-06:08 http://security.FreeBSD.org/advisories/FreeBSD-SA-06:18.ppp.asc http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch NETBSD Security Advisory: NetBSD-SA2006-019 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-019.txt.asc OpenBSD Security Advisory: [3.8] 20060902 014: SECURITY FIX: September 2, 2006 http://www.openbsd.org/errata38.html#sppp OpenBSD Security Advisory: [3.9] 20060902 009: SECURITY FIX: September 2, 2006 http://www.openbsd.org/errata.html#sppp http://securitytracker.com/id?1016745 http://secunia.com/advisories/21587 http://secunia.com/advisories/21731 XForce ISS Database: sppp4-lcp-bo(28562) https://exchange.xforce.ibmcloud.com/vulnerabilities/28562 |