CVE-2006-5654 - Vulnerability Details - OpenCVE

Unspecified vulnerability in the Network Security Services (NSS) in Sun Java System Web Server 6.0 before SP 10 and ONE Application Server 7 before Update 3, when SSLv2 is enabled, allows remote authenticated users to cause a denial of service (application crash) via unspecified vectors. NOTE: due to lack of details from the vendor, it is unclear whether this is related to vector 1 in CVE-2006-5201 or CVE-2006-3127.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sun	Java System Web Server One Application Server

Configuration 1 [-]

OR	cpe:2.3:a:sun:java_system_web_server:6.0:sp9::::::
	cpe:2.3:a:sun:one_application_server::update_2::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/22646
http://securitytracker.com/id?1017143
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1
http://www.securityfocus.com/bid/20846
http://www.vupen.com/english/advisories/2006/4299
https://exchange.xforce.ibmcloud.com/vulnerabilities/29946

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-11-03T00:00:00

Updated: 2024-08-07T19:55:53.902Z

Reserved: 2006-11-02T00:00:00

Link: CVE-2006-5654

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-11-03T00:07:00.000

Modified: 2024-11-21T00:20:04.790

Link: CVE-2006-5654

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-10-31T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Network Security Services (NSS) in Sun Java System Web Server 6.0 before SP 10 and ONE Application Server 7 before Update 3, when SSLv2 is enabled, allows remote authenticated users to cause a denial of service (application crash) via unspecified vectors. NOTE: due to lack of details from the vendor, it is unclear whether this is related to vector 1 in CVE-2006-5201 or CVE-2006-3127."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "sun-java-nss-dos(29946)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29946"}, {"name": "22646", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/22646"}, {"name": "102670", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1"}, {"name": "1017143", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017143"}, {"name": "ADV-2006-4299", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4299"}, {"name": "20846", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20846"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-5654", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Network Security Services (NSS) in Sun Java System Web Server 6.0 before SP 10 and ONE Application Server 7 before Update 3, when SSLv2 is enabled, allows remote authenticated users to cause a denial of service (application crash) via unspecified vectors. NOTE: due to lack of details from the vendor, it is unclear whether this is related to vector 1 in CVE-2006-5201 or CVE-2006-3127."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "sun-java-nss-dos(29946)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29946"}, {"name": "22646", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22646"}, {"name": "102670", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1"}, {"name": "1017143", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017143"}, {"name": "ADV-2006-4299", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4299"}, {"name": "20846", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20846"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T19:55:53.902Z"}, "title": "CVE Program Container", "references": [{"name": "sun-java-nss-dos(29946)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29946"}, {"name": "22646", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/22646"}, {"name": "102670", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1"}, {"name": "1017143", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017143"}, {"name": "ADV-2006-4299", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4299"}, {"name": "20846", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/20846"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-5654", "datePublished": "2006-11-03T00:00:00", "dateReserved": "2006-11-02T00:00:00", "dateUpdated": "2024-08-07T19:55:53.902Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:java_system_web_server:6.0:sp9:*:*:*:*:*:*", "matchCriteriaId": "EBD38B0A-EB9B-4556-B6DE-A7598ACC04AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:one_application_server:*:update_2:*:*:*:*:*:*", "matchCriteriaId": "7D7E85C7-BA03-4107-9EF4-13BC2C6472DA", "versionEndIncluding": "7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Network Security Services (NSS) in Sun Java System Web Server 6.0 before SP 10 and ONE Application Server 7 before Update 3, when SSLv2 is enabled, allows remote authenticated users to cause a denial of service (application crash) via unspecified vectors. NOTE: due to lack of details from the vendor, it is unclear whether this is related to vector 1 in CVE-2006-5201 or CVE-2006-3127."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Network Security Services (NSS) de Sun Java System Web Server 6.0 versiones anteriores a SP 10 y ONE Application Server 7 anteriores a Update 3, cuando SSLv2 est\u00e1 habilitado, permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (fallo de aplicaci\u00f3n) mediante vectores no especificados. NOTA: debido a la falta de detalles por parte del fabricanet, no est\u00e1 claro si esto est\u00e1 relacionado con el vector 1 en CVE-2006-5201."}], "id": "CVE-2006-5654", "lastModified": "2024-11-21T00:20:04.790", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-11-03T00:07:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/22646"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017143"}, {"source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/20846"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/4299"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29946"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/22646"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1017143"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/20846"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/4299"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29946"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}