Vulnerabilities > CVE-2006-6495 - Unspecified vulnerability in SUN Solaris and Sunos

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

sun

NVD

Published: 2006-12-13

Updated: 2024-11-21

Summary

Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function. NOTE: this issue normally does not cross privilege boundaries, except in cases of external introduction of malicious message files, or if it is leveraged with other vulnerabilities such as CVE-2006-6494.

Vulnerable Configurations

Part	Description	Count
OS	Sun SUN Sunos 5.8 SUN Solaris 10.0 SUN Solaris 9.0	3

Oval

accepted

2007-09-27T08:57:42.313-04:00

class

vulnerability

contributors

name	Pai Peng
organization	Opsware, Inc.

definition_extensions

comment Solaris 8 (SPARC) is installed
oval oval:org.mitre.oval:def:1539
comment Solaris 9 (SPARC) is installed
oval oval:org.mitre.oval:def:1457
comment Solaris 10 (SPARC) is installed
oval oval:org.mitre.oval:def:1440
comment Solaris 8 (x86) is installed
oval oval:org.mitre.oval:def:2059
comment Solaris 9 (x86) is installed
oval oval:org.mitre.oval:def:1683
comment Solaris 10 (x86) is installed
oval oval:org.mitre.oval:def:1926

description

family

unix

oval:org.mitre.oval:def:1909

status

accepted

submitted

2007-08-10T12:25:21.000-04:00

title

Security Vulnerabilities in Solaris ld.so.1(1) may Lead to Execution of Arbitrary Code with Elevated Privileges

version

Summary

Vulnerable Configurations

Oval

References