cvelistv5 - cve-2006-5417

cve-2006-5417

Vulnerability from cvelistv5

Published

2006-10-20 10:00

Modified

2024-08-07 19:48

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/22371	Vendor Advisory
cve@mitre.org	http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html
cve@mitre.org	http://securityreason.com/securityalert/1750
cve@mitre.org	http://securitytracker.com/id?1017057
cve@mitre.org	http://www.securityfocus.com/archive/1/448546/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/20496
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/29501
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22371	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/1750
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1017057
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/448546/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/20496
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/29501

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:48:30.217Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
          },
          {
            "name": "1017057",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017057"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
          },
          {
            "name": "20496",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20496"
          },
          {
            "name": "mcafee-mcnasvc-dos(29501)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
          },
          {
            "name": "22371",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22371"
          },
          {
            "name": "1750",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1750"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-10-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
        },
        {
          "name": "1017057",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017057"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
        },
        {
          "name": "20496",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20496"
        },
        {
          "name": "mcafee-mcnasvc-dos(29501)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
        },
        {
          "name": "22371",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22371"
        },
        {
          "name": "1750",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1750"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5417",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.  NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
            },
            {
              "name": "1017057",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017057"
            },
            {
              "name": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html",
              "refsource": "MISC",
              "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
            },
            {
              "name": "20496",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20496"
            },
            {
              "name": "mcafee-mcnasvc-dos(29501)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
            },
            {
              "name": "22371",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22371"
            },
            {
              "name": "1750",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/1750"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-5417",
    "datePublished": "2006-10-20T10:00:00",
    "dateReserved": "2006-10-19T00:00:00",
    "dateUpdated": "2024-08-07T19:48:30.217Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-5417\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-10-20T14:07:00.000\",\"lastModified\":\"2024-11-21T00:19:09.347\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.  NOTE: some of these details are obtained from third party information.\"},{\"lang\":\"es\",\"value\":\"McAfee Network Agent (mcnasvc.exe) 1.0.178.0, seg\u00fan lo utilizado por m\u00faltiples productos McAfee posiblemente incluyendo Internet Security Suite, Personal Firewall Plus, y VirusScan, permiten a un atacante remoto provocar denegaci\u00f3n de servicio (caida del agente) a trav\u00e9s de un gran paquete, posiblemente a causa de un valor de posici\u00f3n de cadena inv\u00e1lido. NOTA: algunos de los detalles de esta informaci\u00f3n se obtuvieron de terceros.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mcafee:internet_security_suite:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7C68CA8-9525-4FBA-A873-F17524D3F595\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mcafee:network_agent:1.0.178.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBB41A7D-90D1-4B5F-9DF5-24908F04B9B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mcafee:personal_firewall_plus:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47CA26D8-35B1-458C-A9CA-60B033992520\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mcafee:virusscan:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B6140F3-9135-4490-A2A2-F8D0A1FEF8C2\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/22371\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityreason.com/securityalert/1750\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1017057\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/448546/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/20496\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/29501\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/22371\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityreason.com/securityalert/1750\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1017057\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/448546/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/20496\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/29501\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information. McAfee Network Agent is prone to a remote denial-of-service vulnerability because the service fails to properly handle excessive network data. Exploiting this issue may cause the affected application to crash, denying service to legitimate users. Version 1.0.178.0 is vulnerable; other versions may also be affected. Remote attackers may use this vulnerability to perform denial of service attacks on services.

Want to work within IT-Security?

Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. This can be exploited to crash the service by sending a specially crafted message with an invalid value in the string position field.

SOLUTION: Restrict access to the service.

PROVIDED AND/OR DISCOVERED BY: JAAScois

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200610-0251",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "network agent",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "mcafee",
        "version": "1.0.178.0"
      },
      {
        "model": "internet security suite",
        "scope": null,
        "trust": 1.4,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "personal firewall plus",
        "scope": null,
        "trust": 1.4,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "virusscan",
        "scope": null,
        "trust": 1.4,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "internet security suite",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mcafee",
        "version": "*"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mcafee",
        "version": "*"
      },
      {
        "model": "personal firewall plus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mcafee",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "20496"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002292"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200610-367"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-5417"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:mcafee:internet_security_suite",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:mcafee:network_agent",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:mcafee:personal_firewall_plus",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:mcafee:virusscan",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002292"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "JAAScois www.jaascois.com)",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200610-367"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-5417",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2006-5417",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-21525",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2006-5417",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2006-5417",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200610-367",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-21525",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-21525"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002292"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200610-367"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-5417"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.  NOTE: some of these details are obtained from third party information. McAfee Network Agent is prone to a remote denial-of-service vulnerability because the service fails to properly handle excessive network data. \nExploiting this issue may cause the affected application to crash, denying service to legitimate users. \nVersion 1.0.178.0 is vulnerable; other versions may also be affected. Remote attackers may use this vulnerability to perform denial of service attacks on services. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. This can be\nexploited to crash the service by sending a specially crafted message\nwith an invalid value in the string position field. \n\nSOLUTION:\nRestrict access to the service. \n\nPROVIDED AND/OR DISCOVERED BY:\nJAAScois\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-5417"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002292"
      },
      {
        "db": "BID",
        "id": "20496"
      },
      {
        "db": "VULHUB",
        "id": "VHN-21525"
      },
      {
        "db": "PACKETSTORM",
        "id": "50888"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2006-5417",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "20496",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "22371",
        "trust": 1.8
      },
      {
        "db": "SREASON",
        "id": "1750",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1017057",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002292",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200610-367",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "29501",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20061012 MCAFEE NETWORK AGENT (MCNASVC.EXE) REMOTE DOS",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-21525",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "50888",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-21525"
      },
      {
        "db": "BID",
        "id": "20496"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002292"
      },
      {
        "db": "PACKETSTORM",
        "id": "50888"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200610-367"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-5417"
      }
    ]
  },
  "id": "VAR-200610-0251",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-21525"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T22:54:12.559000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Internet Security",
        "trust": 0.8,
        "url": "http://home.mcafee.com/store/internet-security"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002292"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-5417"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/20496"
      },
      {
        "trust": 1.7,
        "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1017057"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/22371"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/1750"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5417"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5417"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/29501"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/448546/100/0/threaded"
      },
      {
        "trust": 0.3,
        "url": "http://www.mcafee.com/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/448546"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/22371/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/9052/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/11210/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/267/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-21525"
      },
      {
        "db": "BID",
        "id": "20496"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002292"
      },
      {
        "db": "PACKETSTORM",
        "id": "50888"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200610-367"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-5417"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-21525"
      },
      {
        "db": "BID",
        "id": "20496"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002292"
      },
      {
        "db": "PACKETSTORM",
        "id": "50888"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200610-367"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-5417"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-10-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-21525"
      },
      {
        "date": "2006-10-12T00:00:00",
        "db": "BID",
        "id": "20496"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-002292"
      },
      {
        "date": "2006-10-13T20:38:12",
        "db": "PACKETSTORM",
        "id": "50888"
      },
      {
        "date": "2006-10-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200610-367"
      },
      {
        "date": "2006-10-20T14:07:00",
        "db": "NVD",
        "id": "CVE-2006-5417"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-21525"
      },
      {
        "date": "2006-10-13T18:59:00",
        "db": "BID",
        "id": "20496"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-002292"
      },
      {
        "date": "2006-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200610-367"
      },
      {
        "date": "2024-11-21T00:19:09.347000",
        "db": "NVD",
        "id": "CVE-2006-5417"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200610-367"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Internet Security Suite Such as  McAfee Service disruption in products  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002292"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200610-367"
      }
    ],
    "trust": 0.6
  }
}

gsd-2006-5417

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2006-5417

Aliases

CVE-2006-5417

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-5417",
    "description": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.  NOTE: some of these details are obtained from third party information.",
    "id": "GSD-2006-5417"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-5417"
      ],
      "details": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.  NOTE: some of these details are obtained from third party information.",
      "id": "GSD-2006-5417",
      "modified": "2023-12-13T01:19:56.201082Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-5417",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.  NOTE: some of these details are obtained from third party information."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
          },
          {
            "name": "1017057",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1017057"
          },
          {
            "name": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html",
            "refsource": "MISC",
            "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
          },
          {
            "name": "20496",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/20496"
          },
          {
            "name": "mcafee-mcnasvc-dos(29501)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
          },
          {
            "name": "22371",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22371"
          },
          {
            "name": "1750",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/1750"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mcafee:internet_security_suite:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mcafee:network_agent:1.0.178.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mcafee:personal_firewall_plus:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mcafee:virusscan:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5417"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.  NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
            },
            {
              "name": "20496",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/20496"
            },
            {
              "name": "1017057",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1017057"
            },
            {
              "name": "22371",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/22371"
            },
            {
              "name": "1750",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/1750"
            },
            {
              "name": "mcafee-mcnasvc-dos(29501)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
            },
            {
              "name": "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-17T21:42Z",
      "publishedDate": "2006-10-20T14:07Z"
    }
  }
}

fkie_cve-2006-5417

Vulnerability from fkie_nvd

Published

2006-10-20 14:07

Modified

2024-11-21 00:19

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/22371	Vendor Advisory
cve@mitre.org	http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html
cve@mitre.org	http://securityreason.com/securityalert/1750
cve@mitre.org	http://securitytracker.com/id?1017057
cve@mitre.org	http://www.securityfocus.com/archive/1/448546/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/20496
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/29501
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22371	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/1750
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1017057
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/448546/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/20496
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/29501

Impacted products

Vendor	Product	Version
mcafee	internet_security_suite	*
mcafee	network_agent	1.0.178.0
mcafee	personal_firewall_plus	*
mcafee	virusscan	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mcafee:internet_security_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7C68CA8-9525-4FBA-A873-F17524D3F595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mcafee:network_agent:1.0.178.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBB41A7D-90D1-4B5F-9DF5-24908F04B9B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mcafee:personal_firewall_plus:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47CA26D8-35B1-458C-A9CA-60B033992520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mcafee:virusscan:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B6140F3-9135-4490-A2A2-F8D0A1FEF8C2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.  NOTE: some of these details are obtained from third party information."
    },
    {
      "lang": "es",
      "value": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, seg\u00fan lo utilizado por m\u00faltiples productos McAfee posiblemente incluyendo Internet Security Suite, Personal Firewall Plus, y VirusScan, permiten a un atacante remoto provocar denegaci\u00f3n de servicio (caida del agente) a trav\u00e9s de un gran paquete, posiblemente a causa de un valor de posici\u00f3n de cadena inv\u00e1lido. NOTA: algunos de los detalles de esta informaci\u00f3n se obtuvieron de terceros."
    }
  ],
  "id": "CVE-2006-5417",
  "lastModified": "2024-11-21T00:19:09.347",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-10-20T14:07:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22371"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/1750"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017057"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/20496"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22371"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/1750"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017057"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/20496"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-9r32-ggv7-h33m

Vulnerability from github

Published

2022-05-01 07:28

Modified

2022-05-01 07:28

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-5417"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-10-20T14:07:00Z",
    "severity": "MODERATE"
  },
  "details": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.  NOTE: some of these details are obtained from third party information.",
  "id": "GHSA-9r32-ggv7-h33m",
  "modified": "2022-05-01T07:28:05Z",
  "published": "2022-05-01T07:28:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-5417"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22371"
    },
    {
      "type": "WEB",
      "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/1750"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1017057"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/20496"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2006-5417

Vulnerability from cvelistv5

var-200610-0251

Vulnerability from variot

gsd-2006-5417

Vulnerability from gsd

fkie_cve-2006-5417

Vulnerability from fkie_nvd

ghsa-9r32-ggv7-h33m

Vulnerability from github

Tags

Sightings

Nomenclature