Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1863

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-1863
Last Modified 03 Aug 2013 01:41:19
Published 25 Apr 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-1863

Summary

Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1864.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.17


References

CONFIRM - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189434

CONFIRM - http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=296034f7de8bdf111984ce1630ac598a9c94a253

VUPEN - ADV-2006-2554

VUPEN - ADV-2006-1542

REDHAT - RHBA-2007-0304

XF - kernel-cifs-directory-traversal(26141)

TRUSTIX - 2006-0024

BID - 17742

OSVDB - 25068

SUSE - SUSE-SA:2006:028

MANDRIVA - MDKSA-2006:151

MANDRIVA - MDKSA-2006:150

CONFIRM - http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.11

DEBIAN - DSA-1103

SECUNIA - 21614

SECUNIA - 20914

SECUNIA - 20398

SECUNIA - 19868


Last Updated: 27 May 2016 10:42:14