|
|
CVE Reference: CVE-2006-4304 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-4304 |
|
|
Description: Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/28562 ST 1016745 SAID Secunia Advisory: SA21587 Secunia Advisory: SA21731 OPENBSD http://www.openbsd.org/errata.html#sppp http://www.openbsd.org/errata38.html#sppp NETBSD MISC http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch FREEBSD http://security.FreeBSD.org/advisories/FreeBSD-SA-06:18.ppp.asc BID 19684 |
|
| Return to the previous page. |
