Vulnerabilities > CVE-2006-0178 - Local Command Line Argument Buffer Overflow vulnerability in Cray Unicos 9.0.2.2

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

cray

NVD

Published: 2006-01-11

Updated: 2017-07-20

Summary

Format string vulnerability in /bin/ftp in UNICOS 9.0.2.2 allows local users to have an unknown impact via format string specifiers in the quote command. NOTE: because the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.

Vulnerable Configurations

Part	Description	Count
OS	Cray Cray Unicos 9.0.2.2	1

References

http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0343.html
http://www.securityfocus.com/bid/16205
https://exchange.xforce.ibmcloud.com/vulnerabilities/24277