ID

VAR-200603-0054


CVE

CVE-2006-1068


TITLE

Netgear Multiple router denial of service vulnerability

Trust: 1.0

sources: IVD: ccd14756-2354-11e6-abef-000c29c66e3d // IVD: 7d78bf1e-463f-11e9-851e-000c29342cb1 // CNVD: CNVD-2006-1328

DESCRIPTION

Netgear 614 and 624 routers, possibly running VXWorks, allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. Netgear Router is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users

Trust: 2.25

sources: NVD: CVE-2006-1068 // CNVD: CNVD-2006-1328 // BID: 87167 // IVD: ccd14756-2354-11e6-abef-000c29c66e3d // IVD: 7d78bf1e-463f-11e9-851e-000c29342cb1 // VULHUB: VHN-17176 // VULMON: CVE-2006-1068

IOT TAXONOMY

category:['IoT', 'ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.4

sources: IVD: ccd14756-2354-11e6-abef-000c29c66e3d // IVD: 7d78bf1e-463f-11e9-851e-000c29342cb1 // CNVD: CNVD-2006-1328

AFFECTED PRODUCTS

vendor:netgearmodel:routerscope:eqversion:*

Trust: 1.0

vendor:nomodel: - scope: - version: -

Trust: 0.6

vendor:netgearmodel:routerscope: - version: -

Trust: 0.6

vendor:netgear routermodel: - scope:eqversion:*

Trust: 0.4

vendor:netgearmodel:routerscope:eqversion:0

Trust: 0.3

sources: IVD: ccd14756-2354-11e6-abef-000c29c66e3d // IVD: 7d78bf1e-463f-11e9-851e-000c29342cb1 // CNVD: CNVD-2006-1328 // BID: 87167 // CNNVD: CNNVD-200603-094 // NVD: CVE-2006-1068

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-1068
value: MEDIUM

Trust: 1.0

CNVD: CNVD-2006-1328
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-200603-094
value: MEDIUM

Trust: 0.6

IVD: ccd14756-2354-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 7d78bf1e-463f-11e9-851e-000c29342cb1
value: MEDIUM

Trust: 0.2

VULHUB: VHN-17176
value: MEDIUM

Trust: 0.1

VULMON: CVE-2006-1068
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2006-1068
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

CNVD: CNVD-2006-1328
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: ccd14756-2354-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 7d78bf1e-463f-11e9-851e-000c29342cb1
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-17176
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: ccd14756-2354-11e6-abef-000c29c66e3d // IVD: 7d78bf1e-463f-11e9-851e-000c29342cb1 // CNVD: CNVD-2006-1328 // VULHUB: VHN-17176 // VULMON: CVE-2006-1068 // CNNVD: CNNVD-200603-094 // NVD: CVE-2006-1068

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-1068

THREAT TYPE

local

Trust: 0.9

sources: BID: 87167 // CNNVD: CNNVD-200603-094

TYPE

other

Trust: 1.0

sources: IVD: ccd14756-2354-11e6-abef-000c29c66e3d // IVD: 7d78bf1e-463f-11e9-851e-000c29342cb1 // CNNVD: CNNVD-200603-094

EXTERNAL IDS

db:NVDid:CVE-2006-1068

Trust: 3.1

db:BIDid:16954

Trust: 2.7

db:BUGTRAQid:20060306 RE: LINKSYS ROUTER + IRC DOS

Trust: 1.2

db:CNNVDid:CNNVD-200603-094

Trust: 1.1

db:CNVDid:CNVD-2006-1328

Trust: 1.0

db:BUGTRAQid:20060304 VARIOUS ROUTER DOS

Trust: 0.6

db:BUGTRAQid:20060303 LINKSYS ROUTER + IRC DOS

Trust: 0.6

db:XFid:25230

Trust: 0.6

db:BIDid:87167

Trust: 0.5

db:IVDid:CCD14756-2354-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:7D78BF1E-463F-11E9-851E-000C29342CB1

Trust: 0.2

db:VULHUBid:VHN-17176

Trust: 0.1

db:VULMONid:CVE-2006-1068

Trust: 0.1

sources: IVD: ccd14756-2354-11e6-abef-000c29c66e3d // IVD: 7d78bf1e-463f-11e9-851e-000c29342cb1 // CNVD: CNVD-2006-1328 // VULHUB: VHN-17176 // VULMON: CVE-2006-1068 // BID: 87167 // CNNVD: CNNVD-200603-094 // NVD: CVE-2006-1068

REFERENCES

url:http://www.securityfocus.com/bid/16954

Trust: 2.7

url:http://www.securityfocus.com/archive/1/426863/100/0/threaded

Trust: 2.1

url:http://www.hm2k.org/news/1141413208.html

Trust: 2.1

url:http://www.securityfocus.com/archive/1/426761/100/0/threaded

Trust: 1.2

url:http://www.securityfocus.com/archive/1/426756/100/0/threaded

Trust: 1.2

url:http://www.securityfocus.com/archive/1/426934/100/0/threaded

Trust: 1.2

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/25230

Trust: 1.2

url:http://www.securityfocus.com/archive/1/archive/1/426934/100/0/threaded

Trust: 0.9

url:http://www.securityfocus.com/archive/1/archive/1/426761/100/0/threaded

Trust: 0.9

url:http://www.securityfocus.com/archive/1/archive/1/426756/100/0/threaded

Trust: 0.9

url:http://xforce.iss.net/xforce/xfdb/25230

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.securityfocus.com/bid/87167

Trust: 0.1

sources: CNVD: CNVD-2006-1328 // VULHUB: VHN-17176 // VULMON: CVE-2006-1068 // BID: 87167 // CNNVD: CNNVD-200603-094 // NVD: CVE-2006-1068

CREDITS

ryanmeyer14@netscape.net discovered this issue. Both ryanmeyer14@netscape.net and "Cade Cairns" <cairnsc@gmail.com> disclosed this issue.

Trust: 0.6

sources: CNNVD: CNNVD-200603-094

SOURCES

db:IVDid:ccd14756-2354-11e6-abef-000c29c66e3d
db:IVDid:7d78bf1e-463f-11e9-851e-000c29342cb1
db:CNVDid:CNVD-2006-1328
db:VULHUBid:VHN-17176
db:VULMONid:CVE-2006-1068
db:BIDid:87167
db:CNNVDid:CNNVD-200603-094
db:NVDid:CVE-2006-1068

LAST UPDATE DATE

2024-11-23T22:32:29.936000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2006-1328date:2006-03-07T00:00:00
db:VULHUBid:VHN-17176date:2018-10-18T00:00:00
db:VULMONid:CVE-2006-1068date:2018-10-18T00:00:00
db:BIDid:87167date:2006-03-07T00:00:00
db:CNNVDid:CNNVD-200603-094date:2006-03-09T00:00:00
db:NVDid:CVE-2006-1068date:2024-11-21T00:08:00.193

SOURCES RELEASE DATE

db:IVDid:ccd14756-2354-11e6-abef-000c29c66e3ddate:2006-03-07T00:00:00
db:IVDid:7d78bf1e-463f-11e9-851e-000c29342cb1date:2006-03-07T00:00:00
db:CNVDid:CNVD-2006-1328date:2006-03-07T00:00:00
db:VULHUBid:VHN-17176date:2006-03-07T00:00:00
db:VULMONid:CVE-2006-1068date:2006-03-07T00:00:00
db:BIDid:87167date:2006-03-07T00:00:00
db:CNNVDid:CNNVD-200603-094date:2006-03-07T00:00:00
db:NVDid:CVE-2006-1068date:2006-03-07T22:06:00