CVE-2006-6106
Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field.
Affected products
n/a · n/a
References
http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.5
http://marc.info/?l=linux-kernel&m=116614741607528&w=2
http://marc.info/?l=linux-kernel&m=116648929829440&w=2
http://rhn.redhat.com/errata/RHSA-2007-0014.html
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218602
http://secunia.com/advisories/23408
http://secunia.com/advisories/23427
http://secunia.com/advisories/23593
http://secunia.com/advisories/23609
http://secunia.com/advisories/23752
http://secunia.com/advisories/23997
http://secunia.com/advisories/24098