ID CVE-2006-6915Type cveReporter cve@mitre.orgModified 2011-03-08T02:47:00
Description
ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors. NOTE: some details were obtained from third party sources.
{"id": "CVE-2006-6915", "bulletinFamily": "NVD", "title": "CVE-2006-6915", "description": "ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors. NOTE: some details were obtained from third party sources.", "published": "2006-12-31T05:00:00", "modified": "2011-03-08T02:47:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6915", "reporter": "cve@mitre.org", "references": ["http://www-1.ibm.com/support/docview.wss?uid=isg1IY91787", "http://www.vupen.com/english/advisories/2007/0101", "http://secunia.com/advisories/23688", "ftp://aix.software.ibm.com/aix/efixes/security/README", "http://securitytracker.com/id?1017480", "http://www.securityfocus.com/bid/21940", "http://www-1.ibm.com/support/docview.wss?uid=isg1IY89168"], "cvelist": ["CVE-2006-6915"], "type": "cve", "lastseen": "2019-05-29T18:08:35", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "1949d7553e0561a6efaf1236cdfc678e"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "12edfb9cfb30e62fd06bd1e5c65104dc"}, {"key": "cpe23", "hash": "8bb32ba65bca6c80dd9c17280a44ca4e"}, {"key": "cvelist", "hash": "34af1782f0ba7a4ef94a885dce78189b"}, {"key": "cvss", "hash": "3a24dfd360218a9ca36afb3843751b95"}, {"key": "cvss2", "hash": "32971123fe0f3ad53ee94e62d001c800"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "76aa12172ce622e3fae46cb6296b7b68"}, {"key": "href", "hash": "0cc77e38ae2deb8bddb5805e74ca3704"}, {"key": "modified", "hash": "467b29f3f535886b02fe888c4194460a"}, {"key": "published", "hash": "ed57dcc4fb5c911b94ea09eeae1c33f5"}, {"key": "references", "hash": "be257e76d3feba6e7fdc070cb235153a"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "14f54244987f05a93bbfad77654268d8"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "a57b5759d0fcb2f5a0bc6b34afe978a1ad1329290cb301453eec4d2ba698c523", "viewCount": 0, "enchantments": {"score": {"value": 5.2, "vector": "NONE", "modified": "2019-05-29T18:08:35"}, "dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:32656"]}, {"type": "nessus", "idList": ["AIX_U809506.NASL"]}], "modified": "2019-05-29T18:08:35"}, "vulnersScore": 5.2}, "objectVersion": "1.3", "cpe": ["cpe:/a:ibm:aix:5.2.0", "cpe:/o:ibm:aix:5.3.0", "cpe:/o:ibm:aix:5.2.0", "cpe:/a:ibm:aix:5.3.0"], "affectedSoftware": [{"name": "ibm aix", "operator": "eq", "version": "5.2.0"}, {"name": "ibm aix", "operator": "eq", "version": "5.3.0"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:o:ibm:aix:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:aix:5.3.0:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"]}
{"osvdb": [{"lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://www-1.ibm.com/support/docview.wss?uid=isg1IY89168\nVendor Specific News/Changelog Entry: ftp://aix.software.ibm.com/aix/efixes/security/README\nVendor Specific News/Changelog Entry: http://www-1.ibm.com/support/docview.wss?uid=isg1IY91787\nSecurity Tracker: 1017480\n[Secunia Advisory ID:23688](https://secuniaresearch.flexerasoftware.com/advisories/23688/)\n[Related OSVDB ID: 32655](https://vulners.com/osvdb/OSVDB:32655)\nKeyword: bos.net.tcp.client\nFrSIRT Advisory: ADV-2007-0101\n[CVE-2006-6915](https://vulners.com/cve/CVE-2006-6915)\nBugtraq ID: 21940\n", "modified": "2006-09-04T05:33:54", "published": "2006-09-04T05:33:54", "href": "https://vulners.com/osvdb/OSVDB:32656", "id": "OSVDB:32656", "title": "AIX ftpd Unspecified Port Exhaustion DoS", "type": "osvdb", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-11-01T02:13:02", "bulletinFamily": "scanner", "description": "The remote host is missing AIX PTF U809506, which is related to the\nsecurity of the package bos.net.tcp.client.", "modified": "2019-11-02T00:00:00", "id": "AIX_U809506.NASL", "href": "https://www.tenable.com/plugins/nessus/65311", "published": "2013-03-13T00:00:00", "title": "AIX 5.3 TL 6 : bos.net.tcp.client (U809506)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were extracted\n# from AIX Security PTF U809506. The text itself is copyright (C)\n# International Business Machines Corp.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65311);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/09/16 14:12:47\");\n\n script_cve_id(\"CVE-2006-6914\", \"CVE-2006-6915\");\n\n script_name(english:\"AIX 5.3 TL 6 : bos.net.tcp.client (U809506)\");\n script_summary(english:\"Check for PTF U809506\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is missing AIX PTF U809506, which is related to the\nsecurity of the package bos.net.tcp.client.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www-01.ibm.com/support/docview.wss?uid=isg1IY89168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www-01.ibm.com/support/docview.wss?uid=isg1IY91468\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate missing security-related fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AIX/oslevel\", \"Host/AIX/version\", \"Host/AIX/lslpp\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\n\nif ( aix_check_patch(ml:\"530006\", patch:\"U809506\", package:\"bos.net.tcp.client.5.3.0.54\") < 0 ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}]}
