CVE-2006-6418

EPSS 0.19%
Veröffentlicht 10.12.2006 11:28:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hp ≫ Tru64 Version4.0f Updatepk8

Hp ≫ Tru64 Version4.0g Updatepk4

Hp ≫ Tru64 Version5.1a Updatepk6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.19%	0.413

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://secunia.com/advisories/22743

Vendor Advisory

http://securitytracker.com/id?1017211

http://www.netragard.com/pdfs/research/HP-TRU64-LIBPTHREAD-20060811.txt

http://www.securityfocus.com/bid/21035

http://www.vupen.com/english/advisories/2006/4483

Vendor Advisory

http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00800193

https://exchange.xforce.ibmcloud.com/vulnerabilities/30178

https://nvd.nist.gov/vuln/detail/CVE-2006-6418

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-6418

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-6418

EUVD