CVE-2006-2093
Published Apr 29, 2006
Last updated 6 years ago
Overview
- Description
- Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of service (memory consumption) via a NASL script that calls split with an invalid sep parameter. NOTE: a design goal of the NASL language is to facilitate sharing of security tests by guaranteeing that a script "can not do anything nasty." This issue is appropriate for CVE only if Nessus users have an expectation that a split statement will not use excessive memory.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.6
- Impact score
- 2.9
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-399
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nessus:nessus:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "893B7354-62EB-470D-97F2-AED3A424B30D",
"versionEndIncluding": "2.2.7"
},
{
"criteria": "cpe:2.3:a:nessus:nessus:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "757C2A87-10EA-48A5-890E-1779FBFEE0A0",
"versionEndIncluding": "3.0.2"
},
{
"criteria": "cpe:2.3:a:nessus:nessus:2.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34121C2E-978F-4D68-969A-558886F29CF8"
},
{
"criteria": "cpe:2.3:a:nessus:nessus:2.2.0_rc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53E34C0B-AAC7-4117-8E68-D32FEBB9ABCB"
},
{
"criteria": "cpe:2.3:a:nessus:nessus:2.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DD466D6-094E-4F89-AA7E-8C958D751206"
},
{
"criteria": "cpe:2.3:a:nessus:nessus:2.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10E2F716-1BE6-4F06-80A2-C03F60F58E3F"
},
{
"criteria": "cpe:2.3:a:nessus:nessus:2.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B73F0FA-8454-4291-98D1-9F7A99373557"
},
{
"criteria": "cpe:2.3:a:nessus:nessus:2.2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "511BAE3E-16F4-4451-84D7-AAEB1FD3A87A"
},
{
"criteria": "cpe:2.3:a:nessus:nessus:2.2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEF4E5AB-816A-4B1D-8901-6551C14B6688"
}
],
"operator": "OR"
}
]
}
]