Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-5679

EPSS 0.17% · P38
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-5679

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted UFS filesystem that causes invalid or large size parameters to be provided to the kmem_alloc function. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
FreeBSD UFS文件系统本地整数溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 FreeBSD 6.1内核的UFS文件系统处理代码没有正确的处理被破坏的数据结构,本地攻击者可能利用此漏洞导致整数溢出。 在加载特制的UFS文件分区时,攻击者可以直接控制所分配的内核内存数量,通过ffs_mountfs函数及之后对malloc、uma_large_malloc和page_alloc的调用控制对kmem_alloc()所传送的值。很大的或无效的大小参数会导致内核忙碌。如果从文件系统流拷贝了用户所控制数据的话
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-5679

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-5679

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-11-03 · 30 CVEs total

CVE-2006-5672MySource CMS web/init_mysource.php 远程文件包含漏洞
CVE-2006-5662Easy NotesManager SQL注入漏洞
CVE-2006-5661VIRtech Netquery nquser.php 跨站脚本攻击漏洞
CVE-2006-5660Cisco安全代理管理中心认证绕过漏洞
CVE-2006-5659PAM_extern 信息泄露漏洞
CVE-2006-5658BlooMooWeb ActiveX控件多个漏洞
CVE-2006-5657Vilistextum远程拒绝服务攻击及缓冲区溢出漏洞
CVE-2006-5656Vilistextum远程拒绝服务攻击及缓冲区溢出漏洞
CVE-2006-5655OpenDocMan index.php SQL注入漏洞
CVE-2006-5654Mozilla网络安全服务库远程拒绝服务漏洞
CVE-2006-5653Sun Java System Messenger Express跨站脚本攻击漏洞
CVE-2006-5652iPlanet Messaging Server Messenger Express Expression() 跨站脚本攻击漏洞
CVE-2006-5397X.Org X Window Server LibX11 Xinput 信息泄露漏洞
CVE-2006-5674miniBB 多个远程文件包含漏洞
CVE-2006-5673MiniBB bb_func_txt.php远程文件包含漏洞
CVE-2006-5701Linux Kernel SquashFS双重释放拒绝服务漏洞
CVE-2006-5671Free Image Hosting contact.php 远程文件包含漏洞
CVE-2006-5670Free Image Hosting Forgot_Pass.PHP远程文件包含漏洞
CVE-2006-5669Gepi gestion/savebackup.php 远程文件包含漏洞
CVE-2006-5668Ampache 安全绕过漏洞

Showing top 20 of 30 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-5679

No comments yet

Leave a comment