NVD

Id
60798  
Name
CVE-2006-2093  
Description
Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of service (memory consumption) via a NASL script that calls split with an invalid sep parameter. NOTE: a design goal of the NASL language is to facilitate sharing of security tests by guaranteeing that a script "can not do anything nasty." This issue is appropriate for CVE only if Nessus users have an expectation that a split statement will not use excessive memory.  
Reject
 
CVSS Version
2  
CVSS Score
2.6  
Severity
Low  
CVSS Base Score
2.6  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:N/I:N/A:P)  
Pub Date
2016-12-20  
Published
2006-04-29  
Modified Date
2011-09-01  
Seq
2006-2093  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
313959 60798 CVE-2006-2093 817  View
313960 60798 CVE-2006-2093 1015996  View
313961 60798 CVE-2006-2093 20060425 NASL "Split" function Buffer overflow Vulnerability  View
313962 60798 CVE-2006-2093 20060425 Re: NASL "Split" function Buffer overflow Vulnerability  View
313963 60798 CVE-2006-2093 20060425 Re: NASL "Split" function Buffer overflow Vulnerability  View
313964 60798 CVE-2006-2093 USN-279-1  View
313965 60798 CVE-2006-2093 ADV-2006-1541  View
313966 60798 CVE-2006-2093 nessus-nasl-split-dos(26034)  View

Related JVN