What is the severity of CVE-2006-6397?

CVE-2006-6397 is disputed regarding its severity, but it primarily affects local user memory modification.

How do I fix CVE-2006-6397?

The best mitigation for CVE-2006-6397 is to apply the latest patches for FreeBSD, NetBSD, and OpenBSD.

Which systems are affected by CVE-2006-6397?

CVE-2006-6397 affects FreeBSD, NetBSD, and OpenBSD, particularly specific versions of these systems.

Can CVE-2006-6397 be exploited remotely?

CVE-2006-6397 is not considered exploitable remotely as the banner utility is not setuid.

What type of vulnerability is CVE-2006-6397?

CVE-2006-6397 is an integer overflow vulnerability that may allow local users to alter memory.

Vulnerability/
CVE-2006-6397

medium

4.4

CWE

NVD-CWE-Other 190

8/12/2006

7/8/2024

CVE-2006-6397: Integer Overflow

First published: Fri Dec 08 2006(Updated: )

** DISPUTED ** Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
FreeBSD Kernel	=6.2-stable
NetBSD current	=2.0.4
OpenBSD

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-6397?
CVE-2006-6397 is disputed regarding its severity, but it primarily affects local user memory modification.
How do I fix CVE-2006-6397?
The best mitigation for CVE-2006-6397 is to apply the latest patches for FreeBSD, NetBSD, and OpenBSD.
Which systems are affected by CVE-2006-6397?
CVE-2006-6397 affects FreeBSD, NetBSD, and OpenBSD, particularly specific versions of these systems.
Can CVE-2006-6397 be exploited remotely?
CVE-2006-6397 is not considered exploitable remotely as the banner utility is not setuid.
What type of vulnerability is CVE-2006-6397?
CVE-2006-6397 is an integer overflow vulnerability that may allow local users to alter memory.

agent/references
agent/type
agent/severity
agent/weakness
agent/status
agent/description
collector/mitre-cve
source/MITRE
agent/event
agent/first-publish-date
agent/last-modified-date
agent/source
agent/author
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/netbsd
product/netbsd
canonical/netbsd netbsd
vendor/freebsd
product/freebsd
canonical/freebsd freebsd
vendor/openbsd
product/openbsd
canonical/openbsd openbsd
collector/nvd-index
agent/tags
agent/softwarecombine
canonical/freebsd kernel
version/freebsd kernel/6.2-stable
canonical/netbsd current
version/netbsd current/2.0.4
canonical/openbsd
status/disputed

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.