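SACK (Selective Acknowledgement) lets TCP hosts acknowledge the receipt of some, but not all, of the packets sent, which reduces the cost of retransmissions. In FreeBSD, when insufficient memory is available to handle an incoming selective acknowledgement, the TCP/IP stack may enter an infinite loop.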
Title | Published | Views | Family |
---|---|---|---|
FreeBSD Security Advisory FreeBSD-SA-06:08.sack | 2 Feb 2006 00:00 | – | securityvulns |
CVE-2006-0433 | 2 Feb 2006 11:02 | – | cve |
FreeBSD Security Advisory (FreeBSD-SA-06:08.sack.asc) | 4 Sep 2008 00:00 | – | openvas |
CVE-2006-0433 | 2 Feb 2006 11:00 | – | cvelist |
CVE-2006-0433 | 2 Feb 2006 11:02 | – | nvd |
FreeBSD-SA-06:08.sack | 1 Feb 2006 00:00 | – | freebsd_advisory |
Memory corruption | 2 Feb 2006 11:02 | – | prion |
CVE-2006-0433 | 2 Feb 2006 00:00 | – | ubuntucve |
FreeBSD -- Infinite loop in SACK handling | 1 Feb 2006 00:00 | – | freebsd |
Source | Link |
---|---|
securityfocus | www.securityfocus.com/bid/16466 |
secure1 | www.secure1.securityspace.com/smysecure/catid.html |
```
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.56240");
  script_version("2023-07-26T05:05:09+0000");
  script_tag(name:"last_modification", value:"2023-07-26 05:05:09 +0000 (Wed, 26 Jul 2023)");
  script_tag(name:"creation_date", value:"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)");
  script_cve_id("CVE-2006-0433");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_name("FreeBSD Security Advisory (FreeBSD-SA-06:08.sack.asc)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2008 E-Soft Inc.");
  script_family("FreeBSD Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/freebsd", "ssh/login/freebsdpatchlevel");

  script_tag(name:"insight", value:"SACK (Selective Acknowledgement) is an extension to the TCP/IP protocol
that allows hosts to acknowledge the receipt of some, but not all, of
the packets sent, thereby reducing the cost of retransmissions.
When insufficient memory is available to handle an incoming selective
acknowledgement, the TCP/IP stack may enter an infinite loop.");

  script_tag(name:"solution", value:"Upgrade your system to the appropriate stable release
or security branch dated after the correction date.");

  script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-06:08.sack.asc");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/16466");

  script_tag(name:"summary", value:"The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-06:08.sack.asc");

  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("pkg-lib-bsd.inc");

vuln = FALSE;

if(patchlevelcmp(rel:"5.4", patchlevel:"11")<0) {
  vuln = TRUE;
}
if(patchlevelcmp(rel:"5.3", patchlevel:"26")<0) {
  vuln = TRUE;
}

if(vuln) {
  security_message(port:0);
} else if (__pkg_match) {
  exit(99);
}
```