Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2006-AVI-262
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités dans Apple MacOS X permettent à un utilisateur mal intentionné de porter atteinte à la confidentialité des données, de réaliser un déni de service ou d'exécuter du code arbitraire à distance sur la plate-forme vulnérable.
Description
De multiples vulnérabilités affectent Apple MacOS X :
- Une vulnérabilité dans le serveur AFP (Apple File Protocol) permet à un utilisateur mal intentionné de porter atteinte à la confidentialité des données (CVE-2006-1468) ;
- une vulnérabilité dans ClamAV permet à un utilisateur mal intentionné d'exécuter du code arbitraire à distance (CVE-2006-1989) ;
- une vulnérabilité dans ImageIO permet à un utilisateur mal intentionné d'exécuter du code arbitraire au moyen d'un fichier image au format TIFF habilement constitué (CVE-2006-1469) ;
- une vulnérabilité dans launchd permet à un utilisateur local authentifié d'élever ses privilèges (CVE-2006-1471) ;
- une vulnérabilité dans OpenLDAP permet à un utilisateur mal intentionné d'exécuter du code arbitraire à distance au moyen d'une requête LDAP habilement constituée (CVE-2006-1470).
Solution
Mettre à jour Apple MacOS X en version 10.4.7. Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
MacOS X 10.4 jusqu'à la version 10.4.6.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eMacOS X 10.4 jusqu\u0027\u00e0 la version 10.4.6.\u003c/p\u003e",
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s affectent Apple MacOS X :\n\n- Une vuln\u00e9rabilit\u00e9 dans le serveur AFP (Apple File Protocol) permet \u00e0\n un utilisateur mal intentionn\u00e9 de porter atteinte \u00e0 la\n confidentialit\u00e9 des donn\u00e9es (CVE-2006-1468) ;\n- une vuln\u00e9rabilit\u00e9 dans ClamAV permet \u00e0 un utilisateur mal\n intentionn\u00e9 d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance (CVE-2006-1989)\n ;\n- une vuln\u00e9rabilit\u00e9 dans ImageIO permet \u00e0 un utilisateur mal\n intentionn\u00e9 d\u0027ex\u00e9cuter du code arbitraire au moyen d\u0027un fichier\n image au format TIFF habilement constitu\u00e9 (CVE-2006-1469) ;\n- une vuln\u00e9rabilit\u00e9 dans launchd permet \u00e0 un utilisateur local\n authentifi\u00e9 d\u0027\u00e9lever ses privil\u00e8ges (CVE-2006-1471) ;\n- une vuln\u00e9rabilit\u00e9 dans OpenLDAP permet \u00e0 un utilisateur mal\n intentionn\u00e9 d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance au moyen d\u0027une\n requ\u00eate LDAP habilement constitu\u00e9e (CVE-2006-1470).\n\n## Solution\n\nMettre \u00e0 jour Apple MacOS X en version 10.4.7. Se r\u00e9f\u00e9rer au bulletin de\ns\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section\nDocumentation).\n",
"cves": [
{
"name": "CVE-2006-1470",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1470"
},
{
"name": "CVE-2006-1468",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1468"
},
{
"name": "CVE-2006-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1471"
},
{
"name": "CVE-2006-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1989"
},
{
"name": "CVE-2006-1469",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1469"
}
],
"links": [],
"reference": "CERTA-2006-AVI-262",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2006-06-29T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s dans Apple MacOS X permettent \u00e0 un\nutilisateur mal intentionn\u00e9 de porter atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es, de r\u00e9aliser un d\u00e9ni de service ou d\u0027ex\u00e9cuter du code arbitraire\n\u00e0 distance sur la plate-forme vuln\u00e9rable.\n",
"title": "Vuln\u00e9rabilit\u00e9s de Apple MacOS X",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple du 27 juin 2006",
"url": "http://docs.info.apple.com/article.html?artnum=303973"
}
]
}
CVE-2006-1468 (GCVE-0-2006-1468)
Vulnerability from cvelistv5 – Published: 2006-06-27 21:00 – Updated: 2024-08-07 17:12
VLAI
EPSS
Summary
Unspecified vulnerability in Apple File Protocol (AFP) server in Apple Mac OS X 10.4 up to 10.4.6 includes the names of restricted files and folders within search results, which might allow remote attackers to obtain sensitive information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1016395 | vdb-entryx_refsource_SECTRACK |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://www.securityfocus.com/bid/18686 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/26930 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/18733 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/20877 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/2566 | vdb-entryx_refsource_VUPEN |
Date Public
2006-06-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:12:22.174Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016395",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016395"
},
{
"name": "APPLE-SA-2006-06-27",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "18686",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18686"
},
{
"name": "26930",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26930"
},
{
"name": "macosx-afp-information-disclosure(27477)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27477"
},
{
"name": "18733",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18733"
},
{
"name": "20877",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2566"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Apple File Protocol (AFP) server in Apple Mac OS X 10.4 up to 10.4.6 includes the names of restricted files and folders within search results, which might allow remote attackers to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016395",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016395"
},
{
"name": "APPLE-SA-2006-06-27",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "18686",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18686"
},
{
"name": "26930",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26930"
},
{
"name": "macosx-afp-information-disclosure(27477)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27477"
},
{
"name": "18733",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18733"
},
{
"name": "20877",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2566"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1468",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Apple File Protocol (AFP) server in Apple Mac OS X 10.4 up to 10.4.6 includes the names of restricted files and folders within search results, which might allow remote attackers to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016395",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016395"
},
{
"name": "APPLE-SA-2006-06-27",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "18686",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18686"
},
{
"name": "26930",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26930"
},
{
"name": "macosx-afp-information-disclosure(27477)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27477"
},
{
"name": "18733",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18733"
},
{
"name": "20877",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2566"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1468",
"datePublished": "2006-06-27T21:00:00.000Z",
"dateReserved": "2006-03-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:12:22.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1469 (GCVE-0-2006-1469)
Vulnerability from cvelistv5 – Published: 2006-06-27 22:00 – Updated: 2024-08-07 17:12
VLAI
EPSS
Summary
Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://www.securityfocus.com/bid/18731 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/bid/18686 | vdb-entryx_refsource_BID |
| http://www.kb.cert.org/vuls/id/988356 | third-party-advisoryx_refsource_CERT-VN |
| http://www.osvdb.org/26931 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securitytracker.com/id?1016394 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/20877 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/2566 | vdb-entryx_refsource_VUPEN |
Date Public
2006-06-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:12:22.064Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2006-06-27",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "18731",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18731"
},
{
"name": "18686",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18686"
},
{
"name": "VU#988356",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/988356"
},
{
"name": "26931",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26931"
},
{
"name": "macosx-imageio-tiff-bo(27478)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27478"
},
{
"name": "1016394",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016394"
},
{
"name": "20877",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2566"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2006-06-27",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "18731",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18731"
},
{
"name": "18686",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18686"
},
{
"name": "VU#988356",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/988356"
},
{
"name": "26931",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26931"
},
{
"name": "macosx-imageio-tiff-bo(27478)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27478"
},
{
"name": "1016394",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016394"
},
{
"name": "20877",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2566"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1469",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2006-06-27",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "18731",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18731"
},
{
"name": "18686",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18686"
},
{
"name": "VU#988356",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/988356"
},
{
"name": "26931",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26931"
},
{
"name": "macosx-imageio-tiff-bo(27478)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27478"
},
{
"name": "1016394",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016394"
},
{
"name": "20877",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2566"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1469",
"datePublished": "2006-06-27T22:00:00.000Z",
"dateReserved": "2006-03-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:12:22.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1470 (GCVE-0-2006-1470)
Vulnerability from cvelistv5 – Published: 2006-06-27 22:00 – Updated: 2024-08-07 17:12
VLAI
EPSS
Summary
OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.osvdb.org/26932 | vdb-entryx_refsource_OSVDB |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://www.securityfocus.com/bid/18686 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1016396 | vdb-entryx_refsource_SECTRACK |
| http://www.kb.cert.org/vuls/id/652196 | third-party-advisoryx_refsource_CERT-VN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/18728 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/20877 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/2566 | vdb-entryx_refsource_VUPEN |
Date Public
2006-06-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:12:22.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26932",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26932"
},
{
"name": "APPLE-SA-2006-06-27",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "18686",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18686"
},
{
"name": "1016396",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016396"
},
{
"name": "VU#652196",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/652196"
},
{
"name": "macosx-openldap-directory-dos(27480)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27480"
},
{
"name": "18728",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18728"
},
{
"name": "20877",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2566"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26932",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26932"
},
{
"name": "APPLE-SA-2006-06-27",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "18686",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18686"
},
{
"name": "1016396",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016396"
},
{
"name": "VU#652196",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/652196"
},
{
"name": "macosx-openldap-directory-dos(27480)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27480"
},
{
"name": "18728",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18728"
},
{
"name": "20877",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2566"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1470",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26932",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26932"
},
{
"name": "APPLE-SA-2006-06-27",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "18686",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18686"
},
{
"name": "1016396",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016396"
},
{
"name": "VU#652196",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/652196"
},
{
"name": "macosx-openldap-directory-dos(27480)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27480"
},
{
"name": "18728",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18728"
},
{
"name": "20877",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2566"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1470",
"datePublished": "2006-06-27T22:00:00.000Z",
"dateReserved": "2006-03-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:12:22.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1471 (GCVE-0-2006-1471)
Vulnerability from cvelistv5 – Published: 2006-06-27 22:00 – Updated: 2024-08-07 17:12
VLAI
EPSS
Summary
Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call in the logging facility, as demonstrated by using a crafted plist file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://securitytracker.com/id?1016397 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/18686 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/438699/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/26933 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/20877 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/2566 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/18724 | vdb-entryx_refsource_BID |
Date Public
2006-06-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:12:22.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2006-06-27",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "1016397",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016397"
},
{
"name": "18686",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18686"
},
{
"name": "macosx-launchd-format-string(27479)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27479"
},
{
"name": "20060629 DMA[2006-0628a] - \u0027Apple OSX launchd unformatted syslog() vulnerability\u0027",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/438699/100/0/threaded"
},
{
"name": "26933",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26933"
},
{
"name": "20877",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2566"
},
{
"name": "18724",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18724"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call in the logging facility, as demonstrated by using a crafted plist file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2006-06-27",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "1016397",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016397"
},
{
"name": "18686",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18686"
},
{
"name": "macosx-launchd-format-string(27479)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27479"
},
{
"name": "20060629 DMA[2006-0628a] - \u0027Apple OSX launchd unformatted syslog() vulnerability\u0027",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/438699/100/0/threaded"
},
{
"name": "26933",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26933"
},
{
"name": "20877",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2566"
},
{
"name": "18724",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18724"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1471",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call in the logging facility, as demonstrated by using a crafted plist file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2006-06-27",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "1016397",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016397"
},
{
"name": "18686",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18686"
},
{
"name": "macosx-launchd-format-string(27479)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27479"
},
{
"name": "20060629 DMA[2006-0628a] - \u0027Apple OSX launchd unformatted syslog() vulnerability\u0027",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438699/100/0/threaded"
},
{
"name": "26933",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26933"
},
{
"name": "20877",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2566"
},
{
"name": "18724",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18724"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1471",
"datePublished": "2006-06-27T22:00:00.000Z",
"dateReserved": "2006-03-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:12:22.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1989 (GCVE-0-2006-1989)
Vulnerability from cvelistv5 – Published: 2006-05-01 19:00 – Updated: 2024-08-07 17:35
VLAI
EPSS
Summary
Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
24 references
Date Public
2006-05-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:35:29.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2006-06-27",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "20159",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20159"
},
{
"name": "MDKSA-2006:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:080"
},
{
"name": "VU#599220",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/599220"
},
{
"name": "19963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19963"
},
{
"name": "ADV-2006-1586",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1586"
},
{
"name": "clamav-freshclam-http-bo(26182)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26182"
},
{
"name": "1016392",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016392"
},
{
"name": "19964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19964"
},
{
"name": "2006-0024",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0024"
},
{
"name": "19912",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19912"
},
{
"name": "SUSE-SA:2006:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_05_05.html"
},
{
"name": "19880",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19880"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.clamav.net/security/0.88.2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kolab.org/security/kolab-vendor-notice-09.txt"
},
{
"name": "25120",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25120"
},
{
"name": "SUSE-SR:2006:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html"
},
{
"name": "20117",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20117"
},
{
"name": "DSA-1050",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1050"
},
{
"name": "GLSA-200605-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200605-03.xml"
},
{
"name": "20877",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2566"
},
{
"name": "17754",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17754"
},
{
"name": "19874",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19874"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2006-06-27",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "20159",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20159"
},
{
"name": "MDKSA-2006:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:080"
},
{
"name": "VU#599220",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/599220"
},
{
"name": "19963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19963"
},
{
"name": "ADV-2006-1586",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1586"
},
{
"name": "clamav-freshclam-http-bo(26182)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26182"
},
{
"name": "1016392",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016392"
},
{
"name": "19964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19964"
},
{
"name": "2006-0024",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0024"
},
{
"name": "19912",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19912"
},
{
"name": "SUSE-SA:2006:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_05_05.html"
},
{
"name": "19880",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19880"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.clamav.net/security/0.88.2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kolab.org/security/kolab-vendor-notice-09.txt"
},
{
"name": "25120",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25120"
},
{
"name": "SUSE-SR:2006:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html"
},
{
"name": "20117",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20117"
},
{
"name": "DSA-1050",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1050"
},
{
"name": "GLSA-200605-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200605-03.xml"
},
{
"name": "20877",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2566"
},
{
"name": "17754",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17754"
},
{
"name": "19874",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19874"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1989",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2006-06-27",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
},
{
"name": "20159",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20159"
},
{
"name": "MDKSA-2006:080",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:080"
},
{
"name": "VU#599220",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/599220"
},
{
"name": "19963",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19963"
},
{
"name": "ADV-2006-1586",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1586"
},
{
"name": "clamav-freshclam-http-bo(26182)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26182"
},
{
"name": "1016392",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016392"
},
{
"name": "19964",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19964"
},
{
"name": "2006-0024",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0024"
},
{
"name": "19912",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19912"
},
{
"name": "SUSE-SA:2006:025",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_05_05.html"
},
{
"name": "19880",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19880"
},
{
"name": "http://www.clamav.net/security/0.88.2.html",
"refsource": "CONFIRM",
"url": "http://www.clamav.net/security/0.88.2.html"
},
{
"name": "http://kolab.org/security/kolab-vendor-notice-09.txt",
"refsource": "CONFIRM",
"url": "http://kolab.org/security/kolab-vendor-notice-09.txt"
},
{
"name": "25120",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25120"
},
{
"name": "SUSE-SR:2006:010",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html"
},
{
"name": "20117",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20117"
},
{
"name": "DSA-1050",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1050"
},
{
"name": "GLSA-200605-03",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200605-03.xml"
},
{
"name": "20877",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20877"
},
{
"name": "ADV-2006-2566",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2566"
},
{
"name": "17754",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17754"
},
{
"name": "19874",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19874"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1989",
"datePublished": "2006-05-01T19:00:00.000Z",
"dateReserved": "2006-04-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:35:29.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…