Vulnerabilities > CVE-2006-4307 - Local Privilege Escalation vulnerability in Sun Solaris Format(1M)
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than CVE-2006-4306 and CVE-2006-4319.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 4 |
Oval
| accepted | 2007-09-27T08:57:40.578-04:00 | ||||||||||||||||
| class | vulnerability | ||||||||||||||||
| contributors |
| ||||||||||||||||
| definition_extensions |
| ||||||||||||||||
| description | Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than CVE-2006-4306 and CVE-2006-4319. | ||||||||||||||||
| family | unix | ||||||||||||||||
| id | oval:org.mitre.oval:def:1573 | ||||||||||||||||
| status | accepted | ||||||||||||||||
| submitted | 2007-08-10T12:25:25.000-04:00 | ||||||||||||||||
| title | Security Vulnerability May Allow Users With the "File System Management" RBAC Profile to Gain Elevated Privileges | ||||||||||||||||
| version | 35 |
References
- http://secunia.com/advisories/21581
- http://secunia.com/advisories/22295
- http://securitytracker.com/id?1016726
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102514-1
- http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
- http://www.securityfocus.com/bid/19647
- http://www.vupen.com/english/advisories/2006/3355
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1573