{
  "id": "CVE-2010-4342",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2010-12-30T19:00:04.567",
  "lastModified": "2023-02-13T04:28:34.340",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n aun_incoming en net/econet/af_econet.c en el kernel de Linux anterior a v2.6.37-rc6, cuando Econet est\u00e1 activado, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desreferencia a un puntero NULL y OOPS) mediante el env\u00edo de un paquete Acorn Universal Networking (AUN)sobre UDP."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "2.6.37",
              "matchCriteriaId": "76630B45-B590-4651-972E-F938A83010C0"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:-:*:*:*:*:*:*",
              "matchCriteriaId": "79F8D440-02E8-4BF7-8F56-31E4F349166B"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "2EA6C6E6-CAD5-4D43-AD96-66D5ACBB91CE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "71905CF7-7C7B-43AC-970D-D3187A807903"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "201421C9-E054-4FEB-A37A-8C314F242FBC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "F157225D-C62C-465D-A758-DE6A6C48C397"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "77BB49A9-39D0-49C4-A241-D1537590F508"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e085e76cbe558b79b54cbab772f61185879bc64",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html",
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://marc.info/?l=linux-netdev&m=129185496013580&w=2",
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://marc.info/?l=linux-netdev&m=129186011218615&w=2",
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://openwall.com/lists/oss-security/2010/12/09/1",
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://openwall.com/lists/oss-security/2010/12/09/2",
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/43291",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc6",
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/45321",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "http://www.vupen.com/english/advisories/2011/0375",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    }
  ]
}