CVEブラウザに戻る

CVE-2006-6385

HIGH

7.2

CVSS Severity Score

EPSS Score0.0770%

EPSS Percentile4.17th

Published2006年12月8日

Last Modified2026年4月23日

Vulnerability Description

Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with "kernel-level" privileges via an incorrect function call in certain OID handlers.

Affected Platforms (CPE)

🔌

Intel

Pro 10 100 Adapters

<= 3.5.14

🔌

Intel

Pro 10 100 Adapters

<= 4.0.3

🔌

Intel

Pro 10 100 Adapters

<= 8.0.27.0

🔌

Intel

Pro 1000 Adapters

<= 7.2.7

🔌

Intel

Pro 1000 Adapters

<= 8.7.1.0

🔌

Intel

Pro 1000 Adapters

<= 9.0.15

🔌

Intel

Pro 1000 Pcie Adapters

<= 9.1.30.0

🔌

Intel

Pro 10gbe Adapters

<= 1.0.109

References & Advisories

🔗 http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html

🔗 http://research.eeye.com/html/advisories/published/AD20061207.html

🔗 http://research.eeye.com/html/advisories/upcoming/20060710.html

🔗 http://secunia.com/advisories/23221

🔗 http://securityreason.com/securityalert/2007

🔗 http://securitytracker.com/id?1017346

🔗 http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html

🔗 http://www.intel.com/support/network/sb/CS-023726.htm

関連する脆弱性情報

CVE-2006-100210.0

NETGEAR WGT624 Wireless DSL router has a default account of super_username "Gearguy" and super_passwd "Geardog", which allows remo...

CVE-2006-100010.0

Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL co...

CVE-2006-097910.0

Unspecified vulnerability in the local weblog publisher in Nidelven IT Issue Dealer before 0.9.96 has unknown impact and attack ve...

CVE-2006-103810.0

Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact wh...