Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

0

CVE-2006-3745

Disclosure Date: August 23, 2006 •

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown attack vectors.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

linux

Products

References

Canonical

CVE-2006-3745 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3745)

BID-19666 (http://www.securityfocus.com/bid/19666)

Advisory

XF-kernel-sctp-privilege-escalation(28530) (https://exchange.xforce.ibmcloud.com/vulnerabilities/28530)

SECUNIA-21934 (http://secunia.com/advisories/21934)

http://www.mandriva.com/security/advisories?name=MDKSA-2007:025

SECUNIA-21847 (http://secunia.com/advisories/21847)

http://www.redhat.com/support/errata/RHSA-2006-0617.html

SECUNIA-21695 (http://secunia.com/advisories/21695)

SECUNIA-21605 (http://secunia.com/advisories/21605)

DSA-1183 (http://www.debian.org/security/2006/dsa-1183)

http://www.mandriva.com/security/advisories?name=MDKSA-2006:150

http://www.mandriva.com/security/advisories?name=MDKSA-2006:151

SECUNIA-22082 (http://secunia.com/advisories/22082)

SECUNIA-21614 (http://secunia.com/advisories/21614)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10706

SECUNIA-22174 (http://secunia.com/advisories/22174)

20060822 Linux Kernel SCTP Privilege Elevation Vulnerability (http://www.securityfocus.com/archive/1/444066/100/0/threaded)

20060822 Linux Kernel SCTP Privilege Elevation Vulnerability (http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0600.html)

SECUNIA-21576 (http://secunia.com/advisories/21576)

SECUNIA-22148 (http://secunia.com/advisories/22148)

USN-346-1 (http://www.ubuntu.com/usn/usn-346-1)

http://www.novell.com/linux/security/advisories/2006_21_sr.html

http://www.novell.com/linux/security/advisories/2006_22_sr.html

http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm

https://issues.rpath.com/browse/RPL-611

ADV-2006-3358 (http://www.vupen.com/english/advisories/2006/3358)

20060831 rPSA-2006-0162-1 kernel (http://www.securityfocus.com/archive/1/444887/100/0/threaded)

SECUNIA-22093 (http://secunia.com/advisories/22093)

DSA-1184 (http://www.debian.org/security/2006/dsa-1184)

http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.2

http://www.novell.com/linux/security/advisories/2006_57_kernel.html

Rapid7

Technical Analysis