7.2 - CVE-2006-0531

Executive Summary

Informations
Name	CVE-2006-0531	First vendor Publication	2006-02-03
Vendor	Cve	Last vendor Modification	2017-10-11

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	7.2	Attack Range	Local
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	3.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0531

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:360

Oval ID:	oval:org.mitre.oval:def:360
Title:	Sun Java System Access Manager Local Authentication Bypass Vulnerability
Description:	Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2006-0531	Version:	2
Platform(s):	Sun Solaris 10 Sun Solaris 9 Sun Solaris 8	Product(s):	Access Manager
Definition Synopsis:
SPARC AND Sun Java System Access Manager 7 is installed AND NOT Patch 120954-01 or later installed

Definition Id: oval:org.mitre.oval:def:755

Oval ID:	oval:org.mitre.oval:def:755
Title:	Sun Java System Access Manager Local Authentication Bypass Vulnerability
Description:	Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2006-0531	Version:	2
Platform(s):	Sun Solaris 10 Sun Solaris 9	Product(s):	Access Manager
Definition Synopsis:
x86 AND Sun Java System Access Manager 7 is installed AND NOT Patch 120955-01 or later installed

CPE : Common Platform Enumeration

Type	Description	Count
Application	Sun Java System Access Manager cpe:2.3:a:sun:java_system_access_manager:7.0::linux::::: cpe:2.3:a:sun:java_system_access_manager:7.0::solaris_s::::: cpe:2.3:a:sun:java_system_access_manager:7.0::solaris_x:::::	3

Open Source Vulnerability Database (OSVDB)

Id	Description
22914	Sun Java System Access Manager Administrator amadmin Local Privilege Escalation

Nessus® Vulnerability Scanner

Date	Description
2009-04-23	Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris10_120954.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote host is missing Sun Security Patch number 120955-12 File : solaris10_x86_120955.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris8_120954.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote host is missing Sun Security Patch number 120954-12 File : solaris9_120954.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote host is missing Sun Security Patch number 120955-12 File : solaris9_x86_120955.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
BID	http://www.securityfocus.com/bid/16474
OVAL	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova... https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
SECTRACK	http://securitytracker.com/id?1015567
SECUNIA	http://secunia.com/advisories/18699
SUNALERT	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102140-1
VUPEN	http://www.vupen.com/english/advisories/2006/0430
XF	https://exchange.xforce.ibmcloud.com/vulnerabilities/24423

Alert History

If you want to see full details history, please login or register.

Date	Informations
2021-05-04 12:03:40	Multiple Updates
2021-04-22 01:04:12	Multiple Updates
2020-05-23 00:17:23	Multiple Updates
2017-10-11 09:23:37	Multiple Updates
2017-07-20 09:23:20	Multiple Updates
2016-04-26 14:16:25	Multiple Updates
2014-02-17 10:34:35	Multiple Updates
2013-05-11 10:48:39	Multiple Updates

Type	Count
Oval ID(s)	2
CPE ID(s)	3
Sources(s)	8
osvdb(s)	1
Nessus® Exploit(s)	5

7.2 - CVE-2006-0531

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

OVAL Definitions

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU