7.8

CVE-2006-5873

Buffer overflow in the cluster_process_heartbeat function in cluster.c in layer 2 tunneling protocol network server (l2tpns) before 2.1.21 allows remote attackers to cause a denial of service via a large heartbeat packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
L2tpnsL2tpns Version1.1
L2tpnsL2tpns Version2.0.13
L2tpnsL2tpns Version2.1
DebianDebian Linux Version3.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.3% 0.812
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://l2tpns.cvs.sourceforge.net/l2tpns/l2tpns/cluster.c?r1=1.53&r2=1.54
Patch
http://secunia.com/advisories/23230
Patch
Vendor Advisory
http://secunia.com/advisories/23333
Patch
Vendor Advisory
http://sourceforge.net/project/shownotes.php?group_id=97282&release_id=468202
Vendor Advisory
http://www.debian.org/security/2006/dsa-1230
Patch
Vendor Advisory
http://www.securityfocus.com/bid/21443
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4860
https://exchange.xforce.ibmcloud.com/vulnerabilities/30732