Lucene search
Copyright (C) 2008 E-Soft Inc.OPENVAS:136141256231056240HistorySep 04, 2008 - 12:00 a.m.
FreeBSD Security Advisory (FreeBSD-SA-06:08.sack.asc)
2008-09-0400:00:00
Copyright (C) 2008 E-Soft Inc.
plugins.openvas.org
7 High
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.066 Low
EPSS
Percentile
93.8%
The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-06:08.sack.asc
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.56240");
script_version("2023-07-26T05:05:09+0000");
script_tag(name:"last_modification", value:"2023-07-26 05:05:09 +0000 (Wed, 26 Jul 2023)");
script_tag(name:"creation_date", value:"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)");
script_cve_id("CVE-2006-0433");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_name("FreeBSD Security Advisory (FreeBSD-SA-06:08.sack.asc)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("FreeBSD Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/freebsd", "ssh/login/freebsdpatchlevel");
script_tag(name:"insight", value:"SACK (Selective Acknowledgement) is an extension to the TCP/IP protocol
that allows hosts to acknowledge the receipt of some, but not all, of
the packets sent, thereby reducing the cost of retransmissions.
When insufficient memory is available to handle an incoming selective
acknowledgement, the TCP/IP stack may enter an infinite loop.");
script_tag(name:"solution", value:"Upgrade your system to the appropriate stable release
or security branch dated after the correction date.");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-06:08.sack.asc");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/16466");
script_tag(name:"summary", value:"The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-06:08.sack.asc");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-bsd.inc");
vuln = FALSE;
if(patchlevelcmp(rel:"5.4", patchlevel:"11")<0) {
vuln = TRUE;
}
if(patchlevelcmp(rel:"5.3", patchlevel:"26")<0) {
vuln = TRUE;
}
if(vuln) {
security_message(port:0);
} else if (__pkg_match) {
exit(99);
}Related
openvas
openvas
FreeBSD Security Advisory (FreeBSD-SA-06:08.sack.asc)
2008-09-04 00:00:00
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-06:08.sack
2006-02-02 00:00:00
cve
cve
CVE-2006-0433
2006-02-02 11:02:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-06:08.sack
2006-02-01 00:00:00
prion
prion
Memory corruption
2006-02-02 11:02:00
ubuntucve
ubuntucve
CVE-2006-0433
2006-02-02 00:00:00
freebsd
freebsd
FreeBSD -- Infinite loop in SACK handling
2006-02-01 00:00:00
7 High
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.066 Low
EPSS
Percentile
93.8%
Related for OPENVAS:136141256231056240