Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2006-1283 | First vendor Publication | 2006-03-23 |
Vendor | Cve | Last vendor Modification | 2017-07-20 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE before 20060322 uses the getlogin function to determine the invoking user account, which might allow local users to configure OPIE access to the root account and possibly gain root privileges if a root shell is permitted by the configuration of the wheel group or sshd. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1283 |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-06:12.opie.asc) File : nvt/freebsdsa_opie.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
24067 | FreeBSD OPIE opiepasswd getlogin(2) Privilege Escalation opiepasswd contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when opiepasswd uses getlogin(2) to identify the user who called opiepasswd. Under certain circumstances getlogin(2) will return user "root" even when running as an unprivileged user. This flaw may lead to a loss of integrity. |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:03:56 |
|
2024-02-01 12:01:53 |
|
2023-09-05 12:03:41 |
|
2023-09-05 01:01:44 |
|
2023-09-02 12:03:45 |
|
2023-09-02 01:01:44 |
|
2023-08-12 12:04:22 |
|
2023-08-12 01:01:45 |
|
2023-08-11 12:03:49 |
|
2023-08-11 01:01:47 |
|
2023-08-06 12:03:35 |
|
2023-08-06 01:01:45 |
|
2023-08-04 12:03:39 |
|
2023-08-04 01:01:47 |
|
2023-07-14 12:03:39 |
|
2023-07-14 01:01:46 |
|
2023-03-29 01:03:52 |
|
2023-03-28 12:01:51 |
|
2022-10-11 12:03:15 |
|
2022-10-11 01:01:37 |
|
2021-05-04 12:03:48 |
|
2021-04-22 01:04:21 |
|
2020-05-23 00:17:32 |
|
2019-03-19 12:02:02 |
|
2017-07-20 09:23:26 |
|
2016-06-28 15:40:38 |
|
2016-04-26 14:24:52 |
|
2013-05-11 10:51:44 |
|