Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-4650

EPSS 0.64% · P71
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-4650

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassing intended router ACLs.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco IOS GRE报文路由选项解析溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco互联网操作系统(IOS)是Cisco设备所使用的操作系统。 Cisco Systems IOS在解析包含有GRE源路由信息的GRE报文时存在漏洞,远程攻击者可能导致设备处理报文出错。 如果收到了特制的GRE报文的话,IOS设备没有验证偏移字段是否指向报文内,如果偏移值被设置为负值,IOS直接从包含有IP报文全长的整数中减去了偏移,导致缓冲区访问越界溢出。这可能导致将报文环缓冲区(ring buffer)的其他内存内容解释为负载IP报文并以很大的长度信息重新注入到路由队列中: GRE decaps
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-4650

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-4650

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-09-09 · 22 CVEs total

CVE-2006-4660ICQ Toolbar 1.3 for IE 多个跨站脚本攻击漏洞
CVE-2006-4670Photokorn 多个PHP远程文件包含漏洞
CVE-2006-4669Somery 'Include.PHP' PHP远程文件包含漏洞
CVE-2006-4668AckerTodo 'Index.PHP'跨站脚本攻击漏洞
CVE-2006-4667RunCms 多个SQL注入漏洞
CVE-2006-4666WMNews 多个PHP远程文件包含漏洞
CVE-2006-4665MKPortal M1.1 Rc 'index.php'跨站脚本攻击漏洞
CVE-2006-4664Premod Shadow 'Functions_Portal.PHP'PHP远程文件包含漏洞
CVE-2006-4663Linux kernel 安全漏洞
CVE-2006-4662ICQ Pro 2003b 堆溢出漏洞
CVE-2006-4661ICQ Toolbar 1.3 for IE多个安全漏洞
CVE-2006-4294TWiki Viewfile 目录遍历漏洞
CVE-2006-4659Panda Platinum Internet Security 本地提权漏洞
CVE-2006-4658Panda Platinum Internet Security 本地提权漏洞
CVE-2006-4657Panda Platinum Internet Security 本地提权漏洞
CVE-2006-4656Web-Provence SL_Site 'Spaw_control.class.PHP'PHP远程文件包含漏洞
CVE-2006-4655X.Org 字符控制函数 缓冲区溢出漏洞
CVE-2006-4654Easy Address Book Web Server 格式串处理漏洞
CVE-2006-4653Amazing Little Picture Poll 敏感信息泄露漏洞
CVE-2006-4652Amazing Little Picture Poll 'lp_admin.php'认证绕过漏洞

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-4650

No comments yet

Leave a comment