Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0178

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2006-0178
Last Modified 05 Sep 2008 04:58:33
Published 11 Jan 2006 04:03:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-0178

Summary

Format string vulnerability in /bin/ftp in UNICOS 9.0.2.2 allows local users to have an unknown impact via format string specifiers in the quote command. NOTE: because the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.

Vulnerable Systems

Operating System

  • Cray Unicos 9.0.2.2


References

BID - 16205

FULLDISC - 20060110 SUID root overflows in UNICOS and partial shellcode

XF - unicos-ftp-format-string(24277)


Last Updated: 27 May 2016 10:41:34