CVE-2006-3529 - OpenCVE

Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Juniper	Junos

Configuration 1 [-]

OR	cpe:2.3:o:juniper:junos:6.4:::::::*
	cpe:2.3:o:juniper:junos:6.5:::::::*
	cpe:2.3:o:juniper:junos:6.6:::::::*
	cpe:2.3:o:juniper:junos:6.7:::::::*
	cpe:2.3:o:juniper:junos:6.8:::::::*
	cpe:2.3:o:juniper:junos:6.9:::::::*
	cpe:2.3:o:juniper:junos:7.0:::::::*
	cpe:2.3:o:juniper:junos:7.1:::::::*
	cpe:2.3:o:juniper:junos:7.2:::::::*
	cpe:2.3:o:juniper:junos:7.3:::::::*
	cpe:2.3:o:juniper:junos:7.4:::::::*
	cpe:2.3:o:juniper:junos:7.5:::::::*
	cpe:2.3:o:juniper:junos:7.6:::::::*
	cpe:2.3:o:juniper:junos:7.7:::::::*
	cpe:2.3:o:juniper:junos:7.8:::::::*
	cpe:2.3:o:juniper:junos:7.9:::::::*
	cpe:2.3:o:juniper:junos:8.0:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/21003
http://securitytracker.com/id?1016460
http://www.juniper.net/support/security/alerts/EXT-PSN-2006-06-017.txt
http://www.juniper.net/support/security/alerts/IPv6_bug.txt
http://www.kb.cert.org/vuls/id/294036
http://www.osvdb.org/27132
http://www.securityfocus.com/bid/18930
http://www.vupen.com/english/advisories/2006/2742
https://exchange.xforce.ibmcloud.com/vulnerabilities/27654

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-07-12T00:00:00

Updated: 2024-08-07T18:30:34.348Z

Reserved: 2006-07-11T00:00:00

Link: CVE-2006-3529

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-07-12T00:05:00.000

Modified: 2017-07-20T01:32:22.460

Link: CVE-2006-3529

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-07-10T00:00:00", "descriptions": [{"lang": "en", "value": "Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "21003", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21003"}, {"name": "junos-ipv6-dos(27654)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27654"}, {"name": "27132", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27132"}, {"name": "ADV-2006-2742", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/2742"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.juniper.net/support/security/alerts/EXT-PSN-2006-06-017.txt"}, {"name": "18930", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/18930"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.juniper.net/support/security/alerts/IPv6_bug.txt"}, {"name": "1016460", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016460"}, {"name": "VU#294036", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/294036"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-3529", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "21003", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21003"}, {"name": "junos-ipv6-dos(27654)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27654"}, {"name": "27132", "refsource": "OSVDB", "url": "http://www.osvdb.org/27132"}, {"name": "ADV-2006-2742", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2742"}, {"name": "http://www.juniper.net/support/security/alerts/EXT-PSN-2006-06-017.txt", "refsource": "CONFIRM", "url": "http://www.juniper.net/support/security/alerts/EXT-PSN-2006-06-017.txt"}, {"name": "18930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18930"}, {"name": "http://www.juniper.net/support/security/alerts/IPv6_bug.txt", "refsource": "CONFIRM", "url": "http://www.juniper.net/support/security/alerts/IPv6_bug.txt"}, {"name": "1016460", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016460"}, {"name": "VU#294036", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/294036"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T18:30:34.348Z"}, "title": "CVE Program Container", "references": [{"name": "21003", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21003"}, {"name": "junos-ipv6-dos(27654)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27654"}, {"name": "27132", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/27132"}, {"name": "ADV-2006-2742", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/2742"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.juniper.net/support/security/alerts/EXT-PSN-2006-06-017.txt"}, {"name": "18930", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/18930"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.juniper.net/support/security/alerts/IPv6_bug.txt"}, {"name": "1016460", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1016460"}, {"name": "VU#294036", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/294036"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-3529", "datePublished": "2006-07-12T00:00:00", "dateReserved": "2006-07-11T00:00:00", "dateUpdated": "2024-08-07T18:30:34.348Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8089D28-839F-45CF-9247-969A9739E685", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "8664DCE8-CDED-4F79-AB0C-39EBAC70CB80", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "534326C1-089F-4F5D-8C16-F9612DA81CB8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "975AF42B-DC98-40FA-8320-E836B14363E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:6.8:*:*:*:*:*:*:*", "matchCriteriaId": "E05A9228-0C1F-4545-A1D9-3F1B3D350C56", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:6.9:*:*:*:*:*:*:*", "matchCriteriaId": "F0ABDDB7-20CB-4F56-8F12-7A584814E7ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3195C856-8C0F-44DA-8DBB-ADD1854F0D66", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "15480017-59ED-446C-9E9C-13D710ABC9E5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "EF1C2CC2-9EA4-4017-BFF7-399FEBA0DE9E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "8F443DB8-1E98-4D66-A75D-DCC4716218E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "E51EBFBB-9236-436F-AC05-C7AFD9452A73", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "851DD20A-9796-4B06-A9FF-C16D74310156", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "38C56079-E4AC-4CE2-805D-AB893F82070C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "913BE97D-81FB-44A6-B699-C0DBED49E130", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:7.8:*:*:*:*:*:*:*", "matchCriteriaId": "690C6E3A-BD5E-4F68-BC65-866A7962731E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:7.9:*:*:*:*:*:*:*", "matchCriteriaId": "E36DE975-8D35-4789-8A5F-F120F6B47174", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "A0EE5FF2-A12F-41EF-9A3D-66B471288BF8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed."}, {"lang": "es", "value": "Fuga de memoria en Juniper JUNOS de 6.4 a 8.0, construidos antes del 10 de mayo de 2006, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento del paquete de memoria del n\u00facleo y ca\u00edda) a trav\u00e9s de paquetes IPv6 manipulados cuyos b\u00fafers no se liberan despu\u00e9s de ser procesados."}], "id": "CVE-2006-3529", "lastModified": "2017-07-20T01:32:22.460", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-07-12T00:05:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21003"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1016460"}, {"source": "cve@mitre.org", "url": "http://www.juniper.net/support/security/alerts/EXT-PSN-2006-06-017.txt"}, {"source": "cve@mitre.org", "url": "http://www.juniper.net/support/security/alerts/IPv6_bug.txt"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/294036"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27132"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/18930"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/2742"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27654"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}