FKIE_CVE-2006-5452

Vulnerability from fkie_nvd - Published: 2006-10-23 17:07 - Updated: 2025-04-09 00:30
Severity ?
Summary
Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
References
cve@mitre.orghttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091
cve@mitre.orghttp://secunia.com/advisories/22451
cve@mitre.orghttp://secunia.com/advisories/22528
cve@mitre.orghttp://securitytracker.com/id?1017083
cve@mitre.orghttp://securitytracker.com/id?1017098Patch
cve@mitre.orghttp://securitytracker.com/id?1017099Patch
cve@mitre.orghttp://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txtVendor Advisory
cve@mitre.orghttp://www.securityfocus.com/archive/1/449321/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/20580
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/4139
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/4140
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/29644
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175
af854a3a-2127-422b-91ae-364da2661108http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22451
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22528
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1017083
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1017098Patch
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1017099Patch
af854a3a-2127-422b-91ae-364da2661108http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/449321/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/20580
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/4139
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/4140
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/29644
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175
Impacted products
Vendor Product Version
hp hp-ux 11.00
hp hp-ux 11.4
hp hp-ux 11.11
hp hp-ux 11.22
hp hp-ux 11.23
hp tru64 4.0f
hp tru64 4.0f
hp tru64 4.0g
hp tru64 4.0g
hp tru64 5.0a
hp tru64 5.1
hp tru64 5.1a
hp tru64 5.1a
hp tru64 5.1af
hp tru64 5.1b
hp tru64 5.1b2
hp tru64 5.1b3
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F038B325-A982-43FB-9146-E103CCFB5C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*",
              "matchCriteriaId": "D73D159B-C3D8-4BBD-8BAA-E9E8D3AD3A04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:4.0f:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E8BA552-394A-4E06-8CAD-24A2F542FD91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:4.0f:pk8:*:*:*:*:*:*",
              "matchCriteriaId": "884D55C0-F5EB-484E-8886-1C6C12320BCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:4.0g:*:*:*:*:*:*:*",
              "matchCriteriaId": "E43FAAEF-B0DD-466F-A74E-43CBA4CCF7E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:4.0g:pk4:*:*:*:*:*:*",
              "matchCriteriaId": "5A788DB8-B738-4498-9C0B-68FCB92086F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:5.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F90BA0-45D4-4089-BFBC-69FD1DB10C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5840611-A108-48EE-9D5A-4B6DA0621FF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:5.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "684BEA17-3BFC-4C30-9E8A-411D9D057354",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:5.1a:pk6:*:*:*:*:*:*",
              "matchCriteriaId": "BA274FCB-748E-4EEB-9C77-DD5DF1ABB303",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:5.1af:*:*:*:*:*:*:*",
              "matchCriteriaId": "1839F0EE-84D7-4055-A044-5AB5E350225E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:5.1b:pk1:*:*:*:*:*:*",
              "matchCriteriaId": "7ABA8226-9F76-4D11-9C5E-7563B7774952",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:5.1b2:pk4:*:*:*:*:*:*",
              "matchCriteriaId": "91D70045-53B0-477E-BEA2-6B04808785DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:5.1b3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E02E8BEA-D9EC-4375-917F-BAF20CA79FD8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en dtmail en HP Tru64 UNIX 4.0F hasta 5.1B, y HP-UX B.11.00 hasta B.11.23 permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n mediante un argumento -a (o attachment) muy largo."
    }
  ],
  "id": "CVE-2006-5452",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-10-23T17:07:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/22451"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/22528"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017083"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1017098"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1017099"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/449321/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/20580"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/4139"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/4140"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29644"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22451"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22528"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1017098"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1017099"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/449321/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/20580"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/4139"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/4140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.