Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2006-4319 | First vendor Publication | 2006-08-23 |
Vendor | Cve | Last vendor Modification | 2018-10-30 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4319 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:2164 | |||
Oval ID: | oval:org.mitre.oval:def:2164 | ||
Title: | Security Vulnerability Due to Buffer Overflow in The format(1M) Command May Allow Privilege Elevation For Certain RBAC Profiles | ||
Description: | Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-4319 | Version: | 1 |
Platform(s): | Sun Solaris 8 Sun Solaris 9 Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-06-03 | Name : Solaris Update for /usr/sbin/format 113072-08 File : nvt/gb_solaris_113072_08.nasl |
2009-06-03 | Name : Solaris Update for format 114423-07 File : nvt/gb_solaris_114423_07.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
29555 | Solaris RBAC format Command Local Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-08-21 | Name : The remote host is missing Sun Security Patch number 114423-09 File : solaris9_x86_114423.nasl - Type : ACT_GATHER_INFO |
2006-08-04 | Name : The remote host is missing Sun Security Patch number 113072-08 File : solaris9_113072.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote host is missing Sun Security Patch number 118833-36 File : solaris10_118833.nasl - Type : ACT_GATHER_INFO |
2004-07-12 | Name : The remote host is missing Sun Security Patch number 108975-10 File : solaris8_108975.nasl - Type : ACT_GATHER_INFO |
2004-07-12 | Name : The remote host is missing Sun Security Patch number 108976-10 File : solaris8_x86_108976.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:04:28 |
|
2021-04-22 01:05:07 |
|
2020-05-23 00:18:16 |
|
2018-10-31 00:19:46 |
|
2017-10-11 09:23:44 |
|
2017-07-20 09:23:50 |
|
2016-06-28 15:55:27 |
|
2016-04-26 14:59:34 |
|
2014-02-17 10:36:58 |
|
2013-05-11 11:06:52 |
|