Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

0

CVE-2006-2451

Disclosure Date: July 07, 2006 •

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

linux

Products

References

Canonical

CVE-2006-2451 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2451)

BID-18874 (http://www.securityfocus.com/bid/18874)

Advisory

http://www.redhat.com/support/errata/RHSA-2006-0574.html

20060713 Re: [Full-disclosure] Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) (http://www.securityfocus.com/archive/1/440117/100/0/threaded)

http://www.novell.com/linux/security/advisories/2006_17_sr.html

http://www.novell.com/linux/security/advisories/2006_42_kernel.html

ADV-2006-2699 (http://www.vupen.com/english/advisories/2006/2699)

20060707 rPSA-2006-0122-1 kernel (http://www.securityfocus.com/archive/1/439483/100/100/threaded)

20060716 Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround (http://www.securityfocus.com/archive/1/440379/100/0/threaded)

20060714 Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround (http://www.securityfocus.com/archive/1/440057/100/0/threaded)

20060710 Re: rPSA-2006-0122-1 kernel (http://www.securityfocus.com/archive/1/439610/100/100/threaded)

http://www.novell.com/linux/security/advisories/2006_47_kernel.html

http://www.kernel.org/git?p=linux/kernel/git/stable/linux-2.6.17.y.git;a=commit;h=0af184bb9f80edfbb94de46cb52e9592e5a547b0

SECTRACK-1016451 (http://securitytracker.com/id?1016451)

SECUNIA-20965 (http://secunia.com/advisories/20965)

USN-311-1 (http://www.ubuntu.com/usn/usn-311-1)

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.24

OSVDB-27030 (http://www.osvdb.org/27030)

SECUNIA-21966 (http://secunia.com/advisories/21966)

http://www.novell.com/linux/security/advisories/2006_16_sr.html

SECUNIA-20953 (http://secunia.com/advisories/20953)

SECUNIA-21498 (http://secunia.com/advisories/21498)

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.4

http://www.novell.com/linux/security/advisories/2006_49_kernel.html

SECUNIA-20986 (http://secunia.com/advisories/20986)

SECUNIA-20991 (http://secunia.com/advisories/20991)

http://support.avaya.com/elmodocs2/security/ASA-2006-162.htm

SECUNIA-20960 (http://secunia.com/advisories/20960)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11336

20060712 Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) (http://www.securityfocus.com/archive/1/439869/100/0/threaded)

https://issues.rpath.com/browse/RPL-488

20060713 Linux sys_prctl LKM based hotfix (http://www.securityfocus.com/archive/1/440118/100/0/threaded)

SECUNIA-21179 (http://secunia.com/advisories/21179)

Miscellaneous

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=195902

Rapid7

Technical Analysis