OpenCVE

Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO request, which leads to a memory leak and information leak.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Netbsd	Netbsd

Configuration 1 [-]

OR	cpe:2.3:o:netbsd:netbsd:2.0:::::::*
	cpe:2.3:o:netbsd:netbsd:2.1:::::::*
	cpe:2.3:o:netbsd:netbsd:3.0:::::::*
	cpe:2.3:o:netbsd:netbsd:3.0.1:::::::*

No data.

References

Link	Providers
ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc
http://securitytracker.com/id?1017292

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-12-20T02:00:00Z

Updated: 2024-09-17T03:43:24.298Z

Reserved: 2006-12-19T00:00:00Z

Link: CVE-2006-6656

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2006-12-20T02:28:00.000

Modified: 2008-09-05T21:15:17.737

Link: CVE-2006-6656

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO request, which leads to a memory leak and information leak."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2006-12-20T02:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "NetBSD-SA2006-025", "tags": ["vendor-advisory", "x_refsource_NETBSD"], "url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc"}, {"name": "1017292", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017292"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-6656", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO request, which leads to a memory leak and information leak."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "NetBSD-SA2006-025", "refsource": "NETBSD", "url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc"}, {"name": "1017292", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017292"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:33:59.705Z"}, "title": "CVE Program Container", "references": [{"name": "NetBSD-SA2006-025", "tags": ["vendor-advisory", "x_refsource_NETBSD", "x_transferred"], "url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc"}, {"name": "1017292", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017292"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6656", "datePublished": "2006-12-20T02:00:00Z", "dateReserved": "2006-12-19T00:00:00Z", "dateUpdated": "2024-09-17T03:43:24.298Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A", "vulnerable": true}, {"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO request, which leads to a memory leak and information leak."}, {"lang": "es", "value": "Vulnerabilidad no especificada en ptrace en \r\nNetBSD-current versiones anteriores a 20061027, NetBSD 3.0 y 3.0.1 versiones anteriores a 20061027, y NetBSD 2.x versiones anteriores a 20061019, permite a usuarios locales leer la memoria del kernel y obtener informaci\u00f3n confidencial mediante manipulaciones concretas de peticiones PT_LWPINFO, lo que conduce a fugas de memoria y de informaci\u00f3n."}], "id": "CVE-2006-6656", "lastModified": "2008-09-05T21:15:17.737", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-12-20T02:28:00.000", "references": [{"source": "cve@mitre.org", "url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://securitytracker.com/id?1017292"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}