Executive Summary

Informations
Name CVE-2006-1782 First vendor Publication 2006-04-13
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score 2.1 Attack Range Local
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server root Distinguished Name (rootDN) password when a privileged user (1) runs idsconfig; or "insecurely" runs LDAP2 commands with the -w option, including (2) ldapadd, (3) ldapdelete, (4) ldapmodify, (5) ldapmodrdn, and (6) ldapsearch.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1782

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:1840
 
Oval ID: oval:org.mitre.oval:def:1840
Title: LDAP rootDN Password Disclosure Vulnerability
Description: Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server root Distinguished Name (rootDN) password when a privileged user (1) runs idsconfig; or "insecurely" runs LDAP2 commands with the -w option, including (2) ldapadd, (3) ldapdelete, (4) ldapmodify, (5) ldapmodrdn, and (6) ldapsearch.
Family: unix Class: vulnerability
Reference(s): CVE-2006-1782
 Version: 1
Platform(s): Sun Solaris 8
Sun Solaris 9
 Product(s): LDAP
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 1
Os 1

OpenVAS Exploits

Date Description
2009-06-03 Name : Solaris Update for /usr/lib/ldap/idsconfig 115678-02
File : nvt/gb_solaris_115678_02.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
24568 Solaris LDAP2 ldapsearch rootDN Password Local Disclosure

Solaris contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the ldapsearch utility in the LDAP2 suite is manipulated in such a way to disclose the rootDN (Directory Server root Distinguished Name). No further details have been provided.
24567 Solaris LDAP2 ldapmodrdn rootDN Password Local Disclosure

Solaris contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the ldapmodrdn utility in the LDAP2 suite is manipulated in such a way to disclose the rootDN (Directory Server root Distinguished Name). No further details have been provided.
24566 Solaris LDAP2 ldapmodify rootDN Password Local Disclosure

Solaris contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the ldapmodify utility in the LDAP2 suite is manipulated in such a way to disclose the rootDN (Directory Server root Distinguished Name). No further details have been provided.
24565 Solaris LDAP2 ldapdelete rootDN Password Local Disclosure

Solaris contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the ldapdelete utility in the LDAP2 suite is manipulated in such a way to disclose the rootDN (Directory Server root Distinguished Name). No further details have been provided.
24564 Solaris LDAP2 ldapadd rootDN Password Local Disclosure

Solaris contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the ldapadd utility in the LDAP2 suite is manipulated in such a way to disclose the rootDN (Directory Server root Distinguished Name). No further details have been provided.
24563 Solaris LDAP2 idsconfig rootDN Password Local Disclosure

Solaris contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the idsconfig utility in the LDAP2 suite is manipulated in such a way to disclose the rootDN (Directory Server root Distinguished Name). No further details have been provided.

Sources (Detail)

http://secunia.com/advisories/19638
http://secunia.com/advisories/21493
http://securitytracker.com/id?1015903
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102113-1
http://support.avaya.com/elmodocs2/security/ASA-2006-122.htm
http://www.osvdb.org/24563
http://www.osvdb.org/24564
http://www.osvdb.org/24565
http://www.osvdb.org/24566
http://www.osvdb.org/24567
http://www.osvdb.org/24568
http://www.securityfocus.com/bid/17479
http://www.vupen.com/english/advisories/2006/1334
https://exchange.xforce.ibmcloud.com/vulnerabilities/25747
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
Date Informations
2024-11-28 23:20:45
  • Multiple Updates
2024-11-28 12:08:43
  • Multiple Updates
2021-05-04 12:03:55
  • Multiple Updates
2021-04-22 01:04:28
  • Multiple Updates
2020-05-23 00:17:39
  • Multiple Updates
2018-10-31 00:19:45
  • Multiple Updates
2017-10-11 09:23:40
  • Multiple Updates
2017-07-20 09:23:30
  • Multiple Updates
2016-06-28 15:43:39
  • Multiple Updates
2016-04-26 14:30:23
  • Multiple Updates
2013-05-11 10:54:10
  • Multiple Updates