CVE-2006-2093 - OpenCVE

Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of service (memory consumption) via a NASL script that calls split with an invalid sep parameter. NOTE: a design goal of the NASL language is to facilitate sharing of security tests by guaranteeing that a script "can not do anything nasty." This issue is appropriate for CVE only if Nessus users have an expectation that a split statement will not use excessive memory.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:H/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Nessus	Nessus

Configuration 1 [-]

OR	cpe:2.3:a:nessus:nessus::::::::
	cpe:2.3:a:nessus:nessus::::::::
	cpe:2.3:a:nessus:nessus:2.2.0:::::::*
	cpe:2.3:a:nessus:nessus:2.2.0_rc1:::::::*
	cpe:2.3:a:nessus:nessus:2.2.1:::::::*
	cpe:2.3:a:nessus:nessus:2.2.2:::::::*
	cpe:2.3:a:nessus:nessus:2.2.3:::::::*
	cpe:2.3:a:nessus:nessus:2.2.5:::::::*
	cpe:2.3:a:nessus:nessus:2.2.6:::::::*

No data.

References

Link	Providers
http://securityreason.com/securityalert/817
http://securitytracker.com/id?1015996
http://www.osvdb.org/25084
http://www.securityfocus.com/archive/1/431987/100/0/threaded
http://www.securityfocus.com/archive/1/431993/100/0/threaded
http://www.securityfocus.com/archive/1/431994/100/0/threaded
http://www.vupen.com/english/advisories/2006/1541
https://exchange.xforce.ibmcloud.com/vulnerabilities/26034
https://usn.ubuntu.com/279-1/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-04-29T10:00:00

Updated: 2024-08-07T17:35:31.394Z

Reserved: 2006-04-28T00:00:00

Link: CVE-2006-2093

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-04-29T10:02:00.000

Modified: 2018-10-18T16:38:08.113

Link: CVE-2006-2093

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-04-25T00:00:00", "descriptions": [{"lang": "en", "value": "Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of service (memory consumption) via a NASL script that calls split with an invalid sep parameter. NOTE: a design goal of the NASL language is to facilitate sharing of security tests by guaranteeing that a script \"can not do anything nasty.\" This issue is appropriate for CVE only if Nessus users have an expectation that a split statement will not use excessive memory."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20060425 NASL 'Split' function Buffer overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/431987/100/0/threaded"}, {"name": "USN-279-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/279-1/"}, {"name": "20060425 Re: NASL 'Split' function Buffer overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/431993/100/0/threaded"}, {"name": "817", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/817"}, {"name": "ADV-2006-1541", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1541"}, {"name": "20060425 Re: NASL 'Split' function Buffer overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/431994/100/0/threaded"}, {"name": "nessus-nasl-split-dos(26034)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26034"}, {"name": "1015996", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1015996"}, {"name": "25084", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25084"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2093", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of service (memory consumption) via a NASL script that calls split with an invalid sep parameter. NOTE: a design goal of the NASL language is to facilitate sharing of security tests by guaranteeing that a script \"can not do anything nasty.\" This issue is appropriate for CVE only if Nessus users have an expectation that a split statement will not use excessive memory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20060425 NASL 'Split' function Buffer overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/431987/100/0/threaded"}, {"name": "USN-279-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/279-1/"}, {"name": "20060425 Re: NASL 'Split' function Buffer overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/431993/100/0/threaded"}, {"name": "817", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/817"}, {"name": "ADV-2006-1541", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1541"}, {"name": "20060425 Re: NASL 'Split' function Buffer overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/431994/100/0/threaded"}, {"name": "nessus-nasl-split-dos(26034)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26034"}, {"name": "1015996", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015996"}, {"name": "25084", "refsource": "OSVDB", "url": "http://www.osvdb.org/25084"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T17:35:31.394Z"}, "title": "CVE Program Container", "references": [{"name": "20060425 NASL 'Split' function Buffer overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/431987/100/0/threaded"}, {"name": "USN-279-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/279-1/"}, {"name": "20060425 Re: NASL 'Split' function Buffer overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/431993/100/0/threaded"}, {"name": "817", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/817"}, {"name": "ADV-2006-1541", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1541"}, {"name": "20060425 Re: NASL 'Split' function Buffer overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/431994/100/0/threaded"}, {"name": "nessus-nasl-split-dos(26034)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26034"}, {"name": "1015996", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1015996"}, {"name": "25084", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25084"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2093", "datePublished": "2006-04-29T10:00:00", "dateReserved": "2006-04-28T00:00:00", "dateUpdated": "2024-08-07T17:35:31.394Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nessus:nessus:*:*:*:*:*:*:*:*", "matchCriteriaId": "893B7354-62EB-470D-97F2-AED3A424B30D", "versionEndIncluding": "2.2.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:nessus:nessus:*:*:*:*:*:*:*:*", "matchCriteriaId": "757C2A87-10EA-48A5-890E-1779FBFEE0A0", "versionEndIncluding": "3.0.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:nessus:nessus:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "34121C2E-978F-4D68-969A-558886F29CF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:nessus:nessus:2.2.0_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "53E34C0B-AAC7-4117-8E68-D32FEBB9ABCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:nessus:nessus:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "7DD466D6-094E-4F89-AA7E-8C958D751206", "vulnerable": true}, {"criteria": "cpe:2.3:a:nessus:nessus:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "10E2F716-1BE6-4F06-80A2-C03F60F58E3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nessus:nessus:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "0B73F0FA-8454-4291-98D1-9F7A99373557", "vulnerable": true}, {"criteria": "cpe:2.3:a:nessus:nessus:2.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "511BAE3E-16F4-4451-84D7-AAEB1FD3A87A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nessus:nessus:2.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "BEF4E5AB-816A-4B1D-8901-6551C14B6688", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of service (memory consumption) via a NASL script that calls split with an invalid sep parameter. NOTE: a design goal of the NASL language is to facilitate sharing of security tests by guaranteeing that a script \"can not do anything nasty.\" This issue is appropriate for CVE only if Nessus users have an expectation that a split statement will not use excessive memory."}], "id": "CVE-2006-2093", "lastModified": "2018-10-18T16:38:08.113", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2006-04-29T10:02:00.000", "references": [{"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/817"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://securitytracker.com/id?1015996"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/25084"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/431987/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/431993/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/431994/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/1541"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26034"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/279-1/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}