ID

VAR-200702-0378


CVE

CVE-2006-5276


TITLE

Sourcefire Snort DCE/RPC preprocessor does not properly reassemble fragmented packets

Trust: 0.8

sources: CERT/CC: VU#196240

DESCRIPTION

Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic. Snort IDS and Sourcefire Intrusion Sensor are prone to a stack-based buffer-overflow vulnerability because the network intrusion detection (NID) systems fail to handle specially crafted 'DCE' and 'RPC' network packets. An attacker can exploit this issue to execute malicious code in the context of the user running the affected application. Failed attempts will likely cause these applications to crash. The software provides functions such as packet sniffing, packet analysis, and packet inspection. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-050A Sourcefire Snort DCE/RPC Preprocessor Buffer Overflow Original release date: February 19, 2007 Last revised: -- Source: US-CERT Systems Affected * Snort 2.6.1, 2.6.1.1, and 2.6.1.2 * Snort 2.7.0 beta 1 * Sourcefire Intrusion Sensors version 4.1.x, 4.5.x, and 4.6x with SEUs prior to SEU 64 * Sourcefire Intrusion Sensors for Crossbeam version 4.1.x, 4.5.x, and 4.6x with SEUs prior to SEU 64 Other products that use Snort or Snort components may be affected. I. The DCE/RPC preprocessor reassembles fragmented SMB and DCE/RPC traffic before passing data to the Snort rules. The vulnerable code does not properly reassemble certain types of SMB and DCE/RPC packets. An attacker could exploit this vulnerability by sending a specially crafted TCP packet to a host or network monitored by Snort. The DCE/RPC preprocessor is enabled by default, and it is not necessary for an attacker to complete a TCP handshake. US-CERT is tracking this vulnerability as VU#196240. This vulnerability has been assigned CVE number CVE-2006-5276. Further information is available in advisories from Sourcefire and ISS. II. III. Solution Upgrade Snort 2.6.1.3 is available from the Snort download site. Sourcefire customers should visit the Sourcefire Support Login site. Disable the DCE/RPC Preprocessor To disable the DCE/RPC preprocessor, comment out the line that loads the preprocessor in the Snort configuration file (typically /etc/snort.conf on UNIX and Linux systems): [/etc/snort.conf] ... #preprocessor dcerpc... Restart Snort for the change to take effect. Disabling the preprocessor will prevent Snort from reassembling fragmented SMB and DCE/RPC packets. This may allow attacks to evade the IDS. IV. References * US-CERT Vulnerability Note VU#196240 - <http://www.kb.cert.org/vuls/id/196240> * Sourcefire Advisory 2007-02-19 - <http://www.snort.org/docs/advisory-2007-02-19.html> * Sourcefire Support Login - <https://support.sourcefire.com/> * Sourcefire Snort Release Notes for 2.6.1.3 - <http://www.snort.org/docs/release_notes/release_notes_2613.txt> * Snort downloads - <http://www.snort.org/dl/> * DCE/RPC Preprocessor - <http://www.snort.org/docs/snort_htmanuals/htmanual_261/node104.html> * IBM Internet Security Systems Protection Advisory - <http://iss.net/threats/257.html> * CVE-2006-5276 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5276> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA07-050A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-050A Feedback VU#196240" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2007 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History February 19, 2007: Initial Release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBRdop4+xOF3G+ig+rAQKdtAgAhQY66LRfVlNkH30Q5RI0gIo5Vhu14yDP qulLEyzjDhC7gDHWBGQYdE9eCy9Yf3P4BfKJS0766he/7CFn+BaDs7ohnXaynHQq +kMYNBMBg2RbrGKfOGRLHc0P6X1tSP3w45IppjOv9Yo5SUVDCa7beZWURCIKZyp6 OuYXtnpiGNctHgeU56US0sfuKj8qP7KOd9pCDRDQRhJ3UUd9wDpXee66HBxchh+w RSIQiMxisOX9mMYBW3z4DM/lb7PxXoa2Q7DwjM1NIOe/0tAObCOvF4uYhOLCVyNg +EbcN9123V0PW95FITlHXvJU6K8srnnK+Fhpfyi4vg5bYeEF2WiUrg== =T7v8 -----END PGP SIGNATURE----- . February 19, 2007 Summary: Sourcefire has learned of a remotely exploitable vulnerability in the Snort DCE/RPC preprocessor. Sourcefire has prepared updates for Snort open-source software to address this issue. Mitigating Factors: Users who have disabled the DCE/RPC preprocessor are not vulnerable. Recommended Actions: * Open-source Snort 2.6.1.x users are advised to upgrade to Snort 2.6.1.3 (or later) immediately. * Open-source Snort 2.7 beta users are advised to mitigate this issue by disabling the DCE/RPC preprocessor. This issue will be resolved in Snort 2.7 beta 2. Workarounds: Snort users who cannot upgrade immediately are advised to disable the DCE/RPC preprocessor by removing the DCE/RPC preprocessor directives from snort.conf and restarting Snort. However, be advised that disabling the DCE/RPC preprocessor reduces detection capabilities for attacks in DCE/RPC traffic. After upgrading, customers should reenable the DCE/RPC preprocessor. Detecting Attacks Against This Vulnerability: Sourcefire will be releasing a rule pack that provides detection for attacks against this vulnerability. Has Sourcefire received any reports that this vulnerability has been exploited? - No. Sourcefire has not received any reports that this vulnerability has been exploited. Acknowledgments: Sourcefire would like to thank Neel Mehta from IBM X-Force for reporting this issue and working with us to resolve it. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Snort-announce mailing list Snort-announce@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/snort-announce . Resolution ========== All Snort users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/snort-2.6.1.3" References ========== [ 1 ] CVE-2006-5276 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5276 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200703-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 3.06

sources: NVD: CVE-2006-5276 // CERT/CC: VU#196240 // JVNDB: JVNDB-2007-000170 // BID: 22616 // VULHUB: VHN-21384 // VULMON: CVE-2006-5276 // PACKETSTORM: 54569 // PACKETSTORM: 54522 // PACKETSTORM: 54834

AFFECTED PRODUCTS

vendor:snortmodel:snortscope:eqversion:2.6.1.1

Trust: 2.4

vendor:snortmodel:snortscope:eqversion:2.6.1

Trust: 2.4

vendor:snortmodel:snortscope:eqversion:2.7_beta1

Trust: 1.6

vendor:snortmodel:snortscope:eqversion:2.6.1.2

Trust: 1.4

vendor:sourcefiremodel:intrusion sensorscope:eqversion:4.5

Trust: 1.0

vendor:sourcefiremodel:intrusion sensorscope:eqversion:4.6

Trust: 1.0

vendor:sourcefiremodel:intrusion sensorscope:eqversion:4.1

Trust: 1.0

vendor:snortmodel:snortscope:lteversion:2.6.1.2

Trust: 1.0

vendor:gentoo linuxmodel: - scope: - version: -

Trust: 0.8

vendor:nortelmodel: - scope: - version: -

Trust: 0.8

vendor:snortmodel: - scope: - version: -

Trust: 0.8

vendor:sourcefiremodel: - scope: - version: -

Trust: 0.8

vendor:sourcefiremodel:intrusion sensorscope:eqversion:4.5.x

Trust: 0.8

vendor:snortmodel:snortscope:eqversion:2.7.0 beta 1

Trust: 0.8

vendor:sourcefiremodel:intrusion sensorscope:eqversion:for crossbeam version 4.1.x

Trust: 0.8

vendor:sourcefiremodel:intrusion sensorscope:ltversion:4.6x of seu 64 earlier versions

Trust: 0.8

vendor:sourcefiremodel:intrusion sensorscope:eqversion:version 4.1.x

Trust: 0.8

vendor:snortmodel:project snortscope:eqversion:2.6.1.2

Trust: 0.3

vendor:snortmodel:project snortscope:eqversion:2.6.1.1

Trust: 0.3

vendor:snortmodel:project snortscope:eqversion:2.6.1

Trust: 0.3

vendor:snortmodel:project snort betascope:eqversion:2.7.01

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:10.1

Trust: 0.3

vendor:redhatmodel:fedora core7scope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux asscope:eqversion:4

Trust: 0.3

vendor:nortelmodel:networks threat protection system intrusion sensorscope:eqversion:4.1

Trust: 0.3

vendor:nortelmodel:networks threat protection system intrusion sensorscope:eqversion:4.6

Trust: 0.3

vendor:nortelmodel:networks threat protection system intrusion sensorscope:eqversion:4.5

Trust: 0.3

vendor:nortelmodel:networks threat protection system defense centerscope:eqversion:4.1

Trust: 0.3

vendor:nortelmodel:networks threat protection system defense centerscope:eqversion:4.6

Trust: 0.3

vendor:nortelmodel:networks threat protection system defense centerscope:eqversion:4.5

Trust: 0.3

vendor:gentoomodel:net-analyzer/snortscope:eqversion:2.6.1

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux mipselscope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux m68kscope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux hppascope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux alphascope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linuxscope:eqversion:4.0

Trust: 0.3

vendor:snortmodel:project snortscope:neversion:2.6.1.3

Trust: 0.3

vendor:gentoomodel:net-analyzer/snortscope:neversion:2.6.1.3

Trust: 0.3

sources: CERT/CC: VU#196240 // BID: 22616 // JVNDB: JVNDB-2007-000170 // CNNVD: CNNVD-200702-347 // NVD: CVE-2006-5276

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-5276
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#196240
value: 23.63

Trust: 0.8

NVD: CVE-2006-5276
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200702-347
value: CRITICAL

Trust: 0.6

VULHUB: VHN-21384
value: HIGH

Trust: 0.1

VULMON: CVE-2006-5276
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2006-5276
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-21384
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#196240 // VULHUB: VHN-21384 // VULMON: CVE-2006-5276 // JVNDB: JVNDB-2007-000170 // CNNVD: CNNVD-200702-347 // NVD: CVE-2006-5276

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-5276

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 54569 // CNNVD: CNNVD-200702-347

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200702-347

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-000170

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-21384 // VULMON: CVE-2006-5276

PATCH

title:Latest changelog : 2.6.1.3url:http://www.snort.org/dl/

Trust: 0.8

title:2007-02-19 Sourcefire Advisory: Vulnerability in Snort DCE/RPC Preprocessorurl:http://www.snort.org/docs/advisory-2007-02-19.html

Trust: 0.8

title:Sourcefire Support Loginurl:https://support.sourcefire.com/

Trust: 0.8

title:Top Pageurl:http://www.sourcefire.com/

Trust: 0.8

title:Detection for Vulnerability in Snort DCE/RPC Pre-processorurl:http://www.sourcefire.com/services/advisories/sa022007.html

Trust: 0.8

title:vrt-rules-2007-02-20url:http://www.snort.org/vrt/advisories/vrt-rules-2007-02-20.html

Trust: 0.8

title:LinuxFlawurl:https://github.com/mudongliang/LinuxFlaw

Trust: 0.1

sources: VULMON: CVE-2006-5276 // JVNDB: JVNDB-2007-000170

EXTERNAL IDS

db:CERT/CCid:VU#196240

Trust: 3.8

db:NVDid:CVE-2006-5276

Trust: 3.2

db:BIDid:22616

Trust: 2.9

db:USCERTid:TA07-050A

Trust: 2.7

db:SECUNIAid:24272

Trust: 2.6

db:SECUNIAid:24190

Trust: 2.6

db:SECUNIAid:24235

Trust: 2.6

db:SECUNIAid:24239

Trust: 1.8

db:SECUNIAid:26746

Trust: 1.8

db:SECUNIAid:24240

Trust: 1.8

db:SECTRACKid:1017669

Trust: 1.8

db:SECTRACKid:1017670

Trust: 1.8

db:EXPLOIT-DBid:3362

Trust: 1.8

db:VUPENid:ADV-2007-0668

Trust: 1.8

db:VUPENid:ADV-2007-0656

Trust: 1.8

db:OSVDBid:32094

Trust: 1.8

db:XFid:31275

Trust: 1.4

db:JVNDBid:JVNDB-2007-000170

Trust: 0.8

db:CNNVDid:CNNVD-200702-347

Trust: 0.7

db:CERT/CCid:TA07-050A

Trust: 0.6

db:GENTOOid:GLSA-200703-01

Trust: 0.6

db:MILW0RMid:3362

Trust: 0.6

db:ISSid:20070219 SOURCEFIRE SNORT REMOTE BUFFER OVERFLOW

Trust: 0.6

db:BUGTRAQid:20070303 ERRATA: [ GLSA 200703-01 ] SNORT: REMOTE EXECUTION OF ARBITRARY CODE

Trust: 0.6

db:FEDORAid:FEDORA-2007-2060

Trust: 0.6

db:EXPLOIT-DBid:3609

Trust: 0.2

db:PACKETSTORMid:54522

Trust: 0.2

db:PACKETSTORMid:54569

Trust: 0.2

db:PACKETSTORMid:54834

Trust: 0.2

db:SEEBUGid:SSVID-72771

Trust: 0.1

db:EXPLOIT-DBid:18723

Trust: 0.1

db:EXPLOIT-DBid:3391

Trust: 0.1

db:PACKETSTORMid:111677

Trust: 0.1

db:PACKETSTORMid:54632

Trust: 0.1

db:VULHUBid:VHN-21384

Trust: 0.1

db:VULMONid:CVE-2006-5276

Trust: 0.1

sources: CERT/CC: VU#196240 // VULHUB: VHN-21384 // VULMON: CVE-2006-5276 // BID: 22616 // JVNDB: JVNDB-2007-000170 // PACKETSTORM: 54569 // PACKETSTORM: 54522 // PACKETSTORM: 54834 // CNNVD: CNNVD-200702-347 // NVD: CVE-2006-5276

REFERENCES

url:http://www.kb.cert.org/vuls/id/196240

Trust: 3.0

url:http://www.snort.org/docs/advisory-2007-02-19.html

Trust: 2.9

url:http://iss.net/threats/257.html

Trust: 2.6

url:http://www.securityfocus.com/bid/22616

Trust: 2.6

url:http://www.us-cert.gov/cas/techalerts/ta07-050a.html

Trust: 2.6

url:http://security.gentoo.org/glsa/glsa-200703-01.xml

Trust: 1.9

url:http://www116.nortelnetworks.com/pub/repository/clarify/document/2007/08/021923-01.pdf

Trust: 1.8

url:http://fedoranews.org/updates/fedora-2007-206.shtml

Trust: 1.8

url:https://bugzilla.redhat.com/show_bug.cgi?id=229265

Trust: 1.8

url:http://www.osvdb.org/32094

Trust: 1.8

url:http://www.securitytracker.com/id?1017669

Trust: 1.8

url:http://www.securitytracker.com/id?1017670

Trust: 1.8

url:http://secunia.com/advisories/24190

Trust: 1.8

url:http://secunia.com/advisories/24235

Trust: 1.8

url:http://secunia.com/advisories/24239

Trust: 1.8

url:http://secunia.com/advisories/24240

Trust: 1.8

url:http://secunia.com/advisories/24272

Trust: 1.8

url:http://secunia.com/advisories/26746

Trust: 1.8

url:http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail&documentoid=540173

Trust: 1.7

url:http://xforce.iss.net/xforce/xfdb/31275

Trust: 1.4

url:http://www.securityfocus.com/archive/1/461810/100/0/threaded

Trust: 1.2

url:https://www.exploit-db.com/exploits/3362

Trust: 1.2

url:http://www.vupen.com/english/advisories/2007/0656

Trust: 1.2

url:http://www.vupen.com/english/advisories/2007/0668

Trust: 1.2

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/31275

Trust: 1.2

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5276

Trust: 0.9

url:https://support.sourcefire.com/

Trust: 0.8

url:http://www.snort.org/docs/snort_htmanuals/htmanual_261/node104.html

Trust: 0.8

url:http://www.snort.org/docs/release_notes/release_notes_2613.txt

Trust: 0.8

url:http://www.snort.org/dl/

Trust: 0.8

url:http://secunia.com/advisories/24235/

Trust: 0.8

url:http://secunia.com/advisories/24190/

Trust: 0.8

url:http://secunia.com/advisories/24272/

Trust: 0.8

url:http://jvn.jp/cert/jvnta07-050a/index.html

Trust: 0.8

url:http://jvn.jp/tr/trta07-050a/index.html

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-5276

Trust: 0.8

url:http://www.securityfocus.com/archive/1/archive/1/461810/100/0/threaded

Trust: 0.6

url:http://www.milw0rm.com/exploits/3362

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2007/0668

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2007/0656

Trust: 0.6

url:https://www.it-isac.org/postings/cyber/alertdetail.php?id=4108&menutype=menupublic

Trust: 0.3

url:http://www.snort.org/

Trust: 0.3

url:http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail&documentoid=540173&renditionid=&poid=null

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2006-5276

Trust: 0.3

url:http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail&amp;documentoid=540173

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2006-5276

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.rapid7.com/db/modules/exploit/multi/ids/snort_dce_rpc

Trust: 0.1

url:https://www.exploit-db.com/exploits/3609/

Trust: 0.1

url:http://www.snort.org/docs/snort_htmanuals/htmanual_261/node104.html>

Trust: 0.1

url:http://www.us-cert.gov/cas/techalerts/ta07-050a.html>

Trust: 0.1

url:http://iss.net/threats/257.html>

Trust: 0.1

url:http://www.us-cert.gov/cas/signup.html>.

Trust: 0.1

url:https://support.sourcefire.com/>

Trust: 0.1

url:http://www.kb.cert.org/vuls/id/196240>

Trust: 0.1

url:http://www.snort.org/dl/>

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5276>

Trust: 0.1

url:http://www.us-cert.gov/legal.html>

Trust: 0.1

url:http://www.snort.org/docs/advisory-2007-02-19.html>

Trust: 0.1

url:http://www.snort.org/docs/release_notes/release_notes_2613.txt>

Trust: 0.1

url:http://www.techsay.com/default.php?page=join.php&p=sourceforge&cid=devdev

Trust: 0.1

url:https://lists.sourceforge.net/lists/listinfo/snort-announce

Trust: 0.1

url:http://bugs.gentoo.org.

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://security.gentoo.org/

Trust: 0.1

sources: CERT/CC: VU#196240 // VULHUB: VHN-21384 // VULMON: CVE-2006-5276 // BID: 22616 // JVNDB: JVNDB-2007-000170 // PACKETSTORM: 54569 // PACKETSTORM: 54522 // PACKETSTORM: 54834 // CNNVD: CNNVD-200702-347 // NVD: CVE-2006-5276

CREDITS

Neel Mehta

Trust: 0.6

sources: CNNVD: CNNVD-200702-347

SOURCES

db:CERT/CCid:VU#196240
db:VULHUBid:VHN-21384
db:VULMONid:CVE-2006-5276
db:BIDid:22616
db:JVNDBid:JVNDB-2007-000170
db:PACKETSTORMid:54569
db:PACKETSTORMid:54522
db:PACKETSTORMid:54834
db:CNNVDid:CNNVD-200702-347
db:NVDid:CVE-2006-5276

LAST UPDATE DATE

2024-12-20T22:56:17.691000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#196240date:2008-01-30T00:00:00
db:VULHUBid:VHN-21384date:2018-10-17T00:00:00
db:VULMONid:CVE-2006-5276date:2018-10-17T00:00:00
db:BIDid:22616date:2007-11-15T00:38:00
db:JVNDBid:JVNDB-2007-000170date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200702-347date:2007-05-16T00:00:00
db:NVDid:CVE-2006-5276date:2024-11-21T00:18:34.630

SOURCES RELEASE DATE

db:CERT/CCid:VU#196240date:2007-02-19T00:00:00
db:VULHUBid:VHN-21384date:2007-02-20T00:00:00
db:VULMONid:CVE-2006-5276date:2007-02-20T00:00:00
db:BIDid:22616date:2007-02-19T00:00:00
db:JVNDBid:JVNDB-2007-000170date:2007-04-01T00:00:00
db:PACKETSTORMid:54569date:2007-02-23T03:05:45
db:PACKETSTORMid:54522date:2007-02-20T01:23:04
db:PACKETSTORMid:54834date:2007-03-06T06:25:25
db:CNNVDid:CNNVD-200702-347date:2007-02-19T00:00:00
db:NVDid:CVE-2006-5276date:2007-02-20T01:28:00