CVE-2006-6418

EPSS 0.19%
Published 10.12.2006 11:28:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable.

Affected products Warnungen 0 Metrics 2 CWE 1 References 10

Data is provided by the National Vulnerability Database (NVD)

Hp ≫ Tru64 Version4.0f Updatepk8

Hp ≫ Tru64 Version4.0g Updatepk4

Hp ≫ Tru64 Version5.1a Updatepk6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.19%	0.413

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://secunia.com/advisories/22743

Vendor Advisory

http://securitytracker.com/id?1017211

http://www.netragard.com/pdfs/research/HP-TRU64-LIBPTHREAD-20060811.txt

http://www.securityfocus.com/bid/21035

http://www.vupen.com/english/advisories/2006/4483

Vendor Advisory

http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193

https://exchange.xforce.ibmcloud.com/vulnerabilities/30178

https://nvd.nist.gov/vuln/detail/CVE-2006-6418

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-6418

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-6418

EUVD