CVE-2006-5417 - OpenCVE

McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mcafee	Internet Security Suite Network Agent Personal Firewall Plus Virusscan

Configuration 1 [-]

OR	cpe:2.3:a:mcafee:internet_security_suite::::::::
	cpe:2.3:a:mcafee:network_agent:1.0.178.0:::::::*
	cpe:2.3:a:mcafee:personal_firewall_plus::::::::
	cpe:2.3:a:mcafee:virusscan::::::::

No data.

References

Link	Providers
http://secunia.com/advisories/22371
http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html
http://securityreason.com/securityalert/1750
http://securitytracker.com/id?1017057
http://www.securityfocus.com/archive/1/448546/100/0/threaded
http://www.securityfocus.com/bid/20496
https://exchange.xforce.ibmcloud.com/vulnerabilities/29501

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-10-20T10:00:00

Updated: 2024-08-07T19:48:30.217Z

Reserved: 2006-10-19T00:00:00

Link: CVE-2006-5417

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-10-20T14:07:00.000

Modified: 2018-10-17T21:42:50.190

Link: CVE-2006-5417

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-10-12T00:00:00", "descriptions": [{"lang": "en", "value": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"}, {"name": "1017057", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017057"}, {"tags": ["x_refsource_MISC"], "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"}, {"name": "20496", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20496"}, {"name": "mcafee-mcnasvc-dos(29501)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"}, {"name": "22371", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/22371"}, {"name": "1750", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/1750"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-5417", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"}, {"name": "1017057", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017057"}, {"name": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html", "refsource": "MISC", "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"}, {"name": "20496", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20496"}, {"name": "mcafee-mcnasvc-dos(29501)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"}, {"name": "22371", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22371"}, {"name": "1750", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/1750"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T19:48:30.217Z"}, "title": "CVE Program Container", "references": [{"name": "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"}, {"name": "1017057", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017057"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"}, {"name": "20496", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/20496"}, {"name": "mcafee-mcnasvc-dos(29501)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"}, {"name": "22371", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/22371"}, {"name": "1750", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/1750"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-5417", "datePublished": "2006-10-20T10:00:00", "dateReserved": "2006-10-19T00:00:00", "dateUpdated": "2024-08-07T19:48:30.217Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:internet_security_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7C68CA8-9525-4FBA-A873-F17524D3F595", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:network_agent:1.0.178.0:*:*:*:*:*:*:*", "matchCriteriaId": "CBB41A7D-90D1-4B5F-9DF5-24908F04B9B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:personal_firewall_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "47CA26D8-35B1-458C-A9CA-60B033992520", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:virusscan:*:*:*:*:*:*:*:*", "matchCriteriaId": "3B6140F3-9135-4490-A2A2-F8D0A1FEF8C2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, seg\u00fan lo utilizado por m\u00faltiples productos McAfee posiblemente incluyendo Internet Security Suite, Personal Firewall Plus, y VirusScan, permiten a un atacante remoto provocar denegaci\u00f3n de servicio (caida del agente) a trav\u00e9s de un gran paquete, posiblemente a causa de un valor de posici\u00f3n de cadena inv\u00e1lido. NOTA: algunos de los detalles de esta informaci\u00f3n se obtuvieron de terceros."}], "id": "CVE-2006-5417", "lastModified": "2018-10-17T21:42:50.190", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-10-20T14:07:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/22371"}, {"source": "cve@mitre.org", "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/1750"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017057"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/20496"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}