CVE-2006-5550

FreeBSD 6.1 and OpenBSD 4.0 - Denial of Service via /dev/crypto ioctl Requests

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5550. PoCs published by Evgeny Legerov.

AI-analyzed exploit summary This exploit triggers a local kernel DoS in FreeBSD 6.1 by passing an invalid parameter to the /dev/crypto ioctl interface, causing a kernel crash. It leverages a vulnerability in the cryptographic device driver.

Description

The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Evgeny Legerov · cdosbsd

https://www.exploit-db.com/exploits/2639

View Code ZIP pw:eip

This exploit triggers a local kernel DoS in FreeBSD 6.1 by passing an invalid parameter to the /dev/crypto ioctl interface, causing a kernel crash. It leverages a vulnerability in the cryptographic device driver.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: FreeBSD 6.1

No auth needed

Prerequisites: Local access to the target system

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/20713

Exploit x_refsource_misc

http://elegerov.blogspot.com/2006/10/here-is-lame-proof-of-concept-code-for.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/22543

Scores

EPSS 0.0093

EPSS Percentile 56.0%

Details

Status published

Products (2)

freebsd/freebsd 6.1 release (3 CPE variants)

openbsd/openbsd 4.0

Published Oct 26, 2006

Tracked Since Feb 18, 2026