CVE-2006-6767

EPSS 6.6%
Veröffentlicht 16.01.2007 19:28:00
Zuletzt bearbeitet 16.06.2026 22:33:45
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

oftpd before 0.3.7 allows remote attackers to cause a denial of service (daemon abort) via a (1) LPRT or (2) LPASV command with an unsupported address family, which triggers an assertion failure.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 11

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Time-travellers ≫ Oftpd Version < 0.3.7

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	6.6%	0.93

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	9.4	10	9.2	AV:N/AC:L/Au:N/C:N/I:C/A:C

CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

http://osvdb.org/32822

Broken Link

http://secunia.com/advisories/23790

Broken Link

http://secunia.com/advisories/23797

Broken Link

http://securitytracker.com/id?1017517

Third Party Advisory

Broken Link

VDB Entry

http://www.gentoo.org/security/en/glsa/glsa-200701-09.xml

Third Party Advisory

http://www.securityfocus.com/bid/22073

Third Party Advisory

Broken Link

VDB Entry

http://www.vupen.com/english/advisories/2007/0198

Broken Link

https://exchange.xforce.ibmcloud.com/vulnerabilities/31520

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2006-6767

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-6767

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-6767

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2006-6767