CVE-2006-2444
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
25/05/2006
Last modified:
03/04/2025
Description
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite.
Impact
Base Score 2.0
7.80
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:*:64-bit_x86:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:*:itanium_ia64_montecito:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.18
- http://secunia.com/advisories/20182
- http://secunia.com/advisories/20225
- http://secunia.com/advisories/20716
- http://secunia.com/advisories/21035
- http://secunia.com/advisories/21136
- http://secunia.com/advisories/21179
- http://secunia.com/advisories/21498
- http://secunia.com/advisories/21605
- http://secunia.com/advisories/21983
- http://secunia.com/advisories/22082
- http://secunia.com/advisories/22093
- http://secunia.com/advisories/22174
- http://secunia.com/advisories/22822
- http://securitytracker.com/id?1016153=
- http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm
- http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm
- http://www.debian.org/security/2006/dsa-1183
- http://www.debian.org/security/2006/dsa-1184
- http://www.kb.cert.org/vuls/id/681569
- http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git%3Ba%3Dcommit%3Bh%3D1db6b5a66e93ff125ab871d6b3f7363412cc87e8
- http://www.mandriva.com/security/advisories?name=MDKSA-2006%3A087
- http://www.novell.com/linux/security/advisories/2006_42_kernel.html
- http://www.novell.com/linux/security/advisories/2006_47_kernel.html
- http://www.novell.com/linux/security/advisories/2006_64_kernel.html
- http://www.osvdb.org/25750
- http://www.redhat.com/support/errata/RHSA-2006-0437.html
- http://www.redhat.com/support/errata/RHSA-2006-0580.html
- http://www.redhat.com/support/errata/RHSA-2006-0617.html
- http://www.securityfocus.com/bid/18081
- http://www.ubuntu.com/usn/usn-302-1
- http://www.vupen.com/english/advisories/2006/1916
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26594
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11318
- http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.18
- http://secunia.com/advisories/20182
- http://secunia.com/advisories/20225
- http://secunia.com/advisories/20716
- http://secunia.com/advisories/21035
- http://secunia.com/advisories/21136
- http://secunia.com/advisories/21179
- http://secunia.com/advisories/21498
- http://secunia.com/advisories/21605
- http://secunia.com/advisories/21983
- http://secunia.com/advisories/22082
- http://secunia.com/advisories/22093
- http://secunia.com/advisories/22174
- http://secunia.com/advisories/22822
- http://securitytracker.com/id?1016153=
- http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm
- http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm
- http://www.debian.org/security/2006/dsa-1183
- http://www.debian.org/security/2006/dsa-1184
- http://www.kb.cert.org/vuls/id/681569
- http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git%3Ba%3Dcommit%3Bh%3D1db6b5a66e93ff125ab871d6b3f7363412cc87e8
- http://www.mandriva.com/security/advisories?name=MDKSA-2006%3A087
- http://www.novell.com/linux/security/advisories/2006_42_kernel.html
- http://www.novell.com/linux/security/advisories/2006_47_kernel.html
- http://www.novell.com/linux/security/advisories/2006_64_kernel.html
- http://www.osvdb.org/25750
- http://www.redhat.com/support/errata/RHSA-2006-0437.html
- http://www.redhat.com/support/errata/RHSA-2006-0580.html
- http://www.redhat.com/support/errata/RHSA-2006-0617.html
- http://www.securityfocus.com/bid/18081
- http://www.ubuntu.com/usn/usn-302-1
- http://www.vupen.com/english/advisories/2006/1916
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26594
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11318