Lucene search

Ubuntu.comUB:CVE-2006-1624

HistoryApr 05, 2006 - 12:00 a.m.

CVE-2006-1624

2006-04-0500:00:00

ubuntu.com

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.012 Low

EPSS

Percentile

85.4%

JSON

The default configuration of syslogd in the Linux sysklogd package does not
enable the -x (disable name lookups) option, which allows remote attackers
to cause a denial of service (traffic amplification) via messages with
spoofed source IP addresses.

References

launchpad.net/bugs/cve/CVE-2006-1624

nvd.nist.gov/vuln/detail/CVE-2006-1624

security-tracker.debian.org/tracker/CVE-2006-1624

www.cve.org/CVERecord?id=CVE-2006-1624

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.012 Low

EPSS

Percentile

85.4%

JSON

Related for UB:CVE-2006-1624