CVE - CVE-2006-2444

CVE-ID
CVE-2006-2444	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.18 CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=1db6b5a66e93ff125ab871d6b3f7363412cc87e8 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm DEBIAN:DSA-1183 URL:http://www.debian.org/security/2006/dsa-1183 DEBIAN:DSA-1184 URL:http://www.debian.org/security/2006/dsa-1184 MANDRIVA:MDKSA-2006:087 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:087 REDHAT:RHSA-2006:0580 URL:http://www.redhat.com/support/errata/RHSA-2006-0580.html REDHAT:RHSA-2006:0437 URL:http://www.redhat.com/support/errata/RHSA-2006-0437.html REDHAT:RHSA-2006:0617 URL:http://www.redhat.com/support/errata/RHSA-2006-0617.html SUSE:SUSE-SA:2006:042 URL:http://www.novell.com/linux/security/advisories/2006_42_kernel.html SUSE:SUSE-SA:2006:047 URL:http://www.novell.com/linux/security/advisories/2006_47_kernel.html SUSE:SUSE-SA:2006:064 URL:http://www.novell.com/linux/security/advisories/2006_64_kernel.html UBUNTU:USN-302-1 URL:http://www.ubuntu.com/usn/usn-302-1 CERT-VN:VU#681569 URL:http://www.kb.cert.org/vuls/id/681569 BID:18081 URL:http://www.securityfocus.com/bid/18081 OVAL:oval:org.mitre.oval:def:11318 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11318 VUPEN:ADV-2006-1916 URL:http://www.vupen.com/english/advisories/2006/1916 OSVDB:25750 URL:http://www.osvdb.org/25750 SECTRACK:1016153 URL:http://securitytracker.com/id?1016153 SECUNIA:20225 URL:http://secunia.com/advisories/20225 SECUNIA:20182 URL:http://secunia.com/advisories/20182 SECUNIA:20716 URL:http://secunia.com/advisories/20716 SECUNIA:21035 URL:http://secunia.com/advisories/21035 SECUNIA:21136 URL:http://secunia.com/advisories/21136 SECUNIA:21179 URL:http://secunia.com/advisories/21179 SECUNIA:21605 URL:http://secunia.com/advisories/21605 SECUNIA:21983 URL:http://secunia.com/advisories/21983 SECUNIA:22082 URL:http://secunia.com/advisories/22082 SECUNIA:22093 URL:http://secunia.com/advisories/22093 SECUNIA:22174 URL:http://secunia.com/advisories/22174 SECUNIA:22822 URL:http://secunia.com/advisories/22822 SECUNIA:21498 URL:http://secunia.com/advisories/21498 XF:linux-snmp-nathelper-dos(26594) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/26594
Assigning CNA
N/A
Date Entry Created
20060518	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060518)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org

Use of the Common Vulnerabilities and Exposures (CVE®) List and the associated references from this website are subject to the terms of use. CVE is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright © 1999–2018, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation. For more information, please contact us.