Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-4304

EPSS 5.62% · P90
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-4304

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
NetBSD PPP驱动远程溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
NetBSD是一款免费开放源代码的UNIX性质的操作系统。 在处理从远程主机所接收到的连接控制协议(LCP)配置选项时,ppp(4)没有正确的验证选项长度,这可能导致在所分配的内核内存缓冲区以外读取或写入数据。 能够发送LCP报文的攻击者,包括ppp(4)连接的远端,可以导致内核忙碌、获得敏感信息或权限提升。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-4304

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-4304

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-08-24 · 26 CVEs total

CVE-2006-4317Woltlab Burning Board 'Attachment.php' 跨站脚本攻击(XSS)漏洞
CVE-2006-4329Shadows Rising RPG多个远程文件包含漏洞
CVE-2006-4328CloudNine Internet Solutions Links Manager 'admin.php' SQL注入漏洞
CVE-2006-4327CloudNine Internet Solutions Links Manager多个跨站脚本攻击漏洞
CVE-2006-4326Justsystem Ichitaro 和Government Unicode堆栈缓冲区溢出漏洞
CVE-2006-4325Doika Guestbook 'GBook.PHP' 跨站脚本攻击(XSS)漏洞
CVE-2006-4324CityForFree Indexcity 'add_url2.php'跨站脚本攻击漏洞
CVE-2006-4323CityForFree Indexcity 'List.PHP' SQL注入漏洞
CVE-2006-4322Mambo EstateAgent组件 'configuration.php' mosConfig_absolute_path参数远程文件包含漏洞
CVE-2006-4321Mambo的Coppermine Gallery组件'cpg.PHP'远程文件包含漏洞
CVE-2006-4320Joomla OpenSEF组件'sef.php'PHP远程文件包含漏洞
CVE-2006-4319Sun Solaris 格式化指令缓冲区溢出漏洞
CVE-2006-4318WFTPD服务器超长畸形参多个远程缓冲区溢出漏洞
CVE-2006-4347JIRAN Cool Messenger Cool_CoolD.exe文件SQL注入漏洞
CVE-2006-4346Asterisk Record()文件名目录遍历漏洞
CVE-2006-4345Asterisk MGCP 远程栈溢出漏洞
CVE-2006-4344CGI-Rescue Mail F/W System 跨站请求伪造漏洞
CVE-2006-4333Wireshark Q.2391协议处理单元拒绝服务攻击漏洞
CVE-2006-4332Wireshark Glib的bug拒绝服务攻击漏洞
CVE-2006-4331Wireshark IPSec ESP解析器缓冲区溢出漏洞

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-4304

No comments yet

Leave a comment