Vulnerabilities > CVE-2006-4655 - Local Buffer Overflow vulnerability in X.Org X Window Server LibX11 XKEYBOARD Extension
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 | |
| OS | 6 |
Exploit-Db
description X11R6. CVE-2006-4655. Local exploit for solaris platform id EDB-ID:2360 last seen 2016-01-31 modified 2006-09-13 published 2006-09-13 reporter Marco Ivaldi source https://www.exploit-db.com/download/2360/ title X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit solaris/sparc description X11R6. CVE-2006-4655. Local exploit for solaris platform id EDB-ID:2331 last seen 2016-01-31 modified 2006-09-08 published 2006-09-08 reporter RISE Security source https://www.exploit-db.com/download/2331/ title X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit solaris/x86
Oval
| accepted | 2007-09-27T08:57:41.950-04:00 | ||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||
| description | Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value. | ||||||||||||||||||||||||
| family | unix | ||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:1798 | ||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||
| submitted | 2007-08-10T12:25:24.000-04:00 | ||||||||||||||||||||||||
| title | Buffer Overflow Vulnerability in libX11 | ||||||||||||||||||||||||
| version | 36 |
References
- http://secunia.com/advisories/21815
- http://secunia.com/advisories/21845
- http://secunia.com/advisories/21856
- http://secunia.com/advisories/21993
- http://securityreason.com/securityalert/1545
- http://securitytracker.com/id?1016806
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102570-1
- http://support.avaya.com/elmodocs2/security/ASA-2006-195.htm
- http://www.risesecurity.org/advisory/RISE-2006001.txt
- http://www.securityfocus.com/archive/1/445579/100/0/threaded
- http://www.securityfocus.com/bid/19905
- http://www.vupen.com/english/advisories/2006/3525
- http://www.vupen.com/english/advisories/2006/3529
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28820
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1798