Lucene search

[email protected]CVE-2006-0021

HistoryFeb 14, 2006 - 7:06 p.m.

CVE-2006-0021

2006-02-1419:06:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2006-0021

microsoft

windows xp

server 2003

igmp

dos

vulnerability

6.5 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.965 High

EPSS

Percentile

99.6%

JSON

Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the “IGMP v3 DoS Vulnerability.”

CPENameOperatorVersion
microsoft:windows_xpmicrosoft windows xpeq*
microsoft:windows_2003_servermicrosoft windows 2003 servereqweb
microsoft:windows_2003_servermicrosoft windows 2003 servereqenterprise
microsoft:windows_2003_servermicrosoft windows 2003 servereqenterprise_64-bit
microsoft:windows_2003_servermicrosoft windows 2003 servereqstandard_64-bit
microsoft:windows_2003_servermicrosoft windows 2003 servereqdatacenter_64-bit
microsoft:windows_2003_servermicrosoft windows 2003 servereqr2
microsoft:windows_2003_servermicrosoft windows 2003 servereqstandard

CPE	Name	Operator	Version
microsoft:windows_xp	microsoft windows xp	eq	*
microsoft:windows_2003_server	microsoft windows 2003 server	eq	web
microsoft:windows_2003_server	microsoft windows 2003 server	eq	enterprise
microsoft:windows_2003_server	microsoft windows 2003 server	eq	enterprise_64-bit
microsoft:windows_2003_server	microsoft windows 2003 server	eq	standard_64-bit
microsoft:windows_2003_server	microsoft windows 2003 server	eq	datacenter_64-bit
microsoft:windows_2003_server	microsoft windows 2003 server	eq	r2
microsoft:windows_2003_server	microsoft windows 2003 server	eq	standard

References

secunia.com/advisories/18853

securitytracker.com/id?1015629

www.kb.cert.org/vuls/id/839284

www.securiteam.com/exploits/5PP0T0KI0O.html

www.securityfocus.com/archive/1/482658/30/4350/threaded

www.securityfocus.com/bid/16645

www.us-cert.gov/cas/techalerts/TA06-045A.html

www.vupen.com/english/advisories/2006/0576

docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-007

exchange.xforce.ibmcloud.com/vulnerabilities/24489

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1310

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1425

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1647

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1662

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A678

www.exploit-db.com/exploits/1599

6.5 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.965 High

EPSS

Percentile

99.6%

JSON

Related for CVE-2006-0021

securityvulns4 checkpoint_advisories1 cert1 nessus1 prion1