CVE-2006-7254

MEDIUM

5.5

CVSS Severity Score

EPSS Score0.1740%

EPSS Percentile0.06th

PublishedApr 10, 2019

Last ModifiedNov 21, 2024

Vulnerability Description

The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon.

Affected Platforms (CPE)

📦

Gnu

Glibc

< 2.5

References & Advisories

🔗 https://sourceware.org/bugzilla/show_bug.cgi?id=2498

Related Vulnerabilities

CVE-2015-023510.0

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows con...

CVE-2019-142719.8

In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility...

CVE-2019-91699.8

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via...

CVE-2021-277089.8

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu...