Lucene search

[email protected]CVE-2006-6876

HistoryJan 05, 2007 - 2:00 a.m.

CVE-2006-6876

2007-01-0502:00:00

[email protected]

web.nvd.nist.gov

cve-2006-6876

buffer overflow

sms handling

openser

denial of service

memory corruption

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.5%

JSON

Buffer overflow in the fetchsms function in the SMS handling module (libsms_getsms.c) in OpenSER 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SMS message, triggering memory corruption when the “beginning” buffer is copied to the third (pdu) argument.

Affected configurations

NVD

Node

openseropenserRange≤1.1.0

CPENameOperatorVersion
openser:openseropenserle1.1.0

CPE	Name	Operator	Version
openser:openser	openser	le	1.1.0

References

archives.neohapsis.com/archives/bugtraq/2007-01/0093.html

www.osvdb.org/33340

www.securityfocus.com/archive/1/455415/100/0/threaded

www.securityfocus.com/bid/21800

exchange.xforce.ibmcloud.com/vulnerabilities/31137

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.5%

JSON

Related for CVE-2006-6876

nvd1 cvelist1