CVE-2006-4319

Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102519-1	Patch
http://securitytracker.com/id?1016727
http://secunia.com/advisories/21581	Patch Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
http://secunia.com/advisories/22295
http://www.securityfocus.com/bid/19657
http://www.vupen.com/english/advisories/2006/3355
https://exchange.xforce.ibmcloud.com/vulnerabilities/28519
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2164

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:sun:solaris:10.0::64_bit:::::
	cpe:2.3:o:sun:solaris:10.0::sparc:::::
	cpe:2.3:o:sun:sunos:5.8:::::::*
	cpe:2.3:o:sun:solaris:8.0::sparc:::::
	cpe:2.3:o:sun:solaris:9.0:x86_update_2::::::
	cpe:2.3:o:sun:sunos:5.9:::::::*
	cpe:2.3:o:sun:solaris:10.0::x86:::::
	cpe:2.3:o:sun:solaris:10.0:hw2::::::
	cpe:2.3:o:sun:solaris:9.0::sparc:::::
	cpe:2.3:o:sun:solaris:9.0::x86:::::
	cpe:2.3:o:sun:sunos:5.10:::::::*
	cpe:2.3:o:sun:solaris:8.0:beta::::::
	cpe:2.3:o:sun:solaris:8.0::x86:::::

Information

Published : 2006-08-23 18:04

Updated : 2018-10-30 09:26

NVD link : CVE-2006-4319

Mitre link : CVE-2006-4319

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

sun

sunos
solaris

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102519-1", "name": "102519", "tags": ["Patch"], "refsource": "SUNALERT"}, {"url": "http://securitytracker.com/id?1016727", "name": "1016727", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/21581", "name": "21581", "tags": ["Patch", "Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm", "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/22295", "name": "22295", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/bid/19657", "name": "19657", "tags": [], "refsource": "BID"}, {"url": "http://www.vupen.com/english/advisories/2006/3355", "name": "ADV-2006-3355", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28519", "name": "solaris-format-rbac-bo(28519)", "tags": [], "refsource": "XF"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2164", "name": "oval:org.mitre.oval:def:2164", "tags": [], "refsource": "OVAL"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the \"File System Management\" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-4319", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2006-08-24T01:04Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:sun:solaris:10.0:*:64_bit:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:sparc:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:10.0:hw2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-30T16:26Z"}