CVEs-PoC/2006/CVE-2006-2093.md

### [CVE-2006-2093](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2093)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of service (memory consumption) via a NASL script that calls split with an invalid sep parameter.  NOTE: a design goal of the NASL language is to facilitate sharing of security tests by guaranteeing that a script "can not do anything nasty."  This issue is appropriate for CVE only if Nessus users have an expectation that a split statement will not use excessive memory.

### POC

#### Reference
- http://securityreason.com/securityalert/817

#### Github
No PoCs found on GitHub currently.