Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2409

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2006-2409
Last Modified 07 Mar 2011 12:00:00
Published 16 May 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-2409

Summary

Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format parameter, which are not properly handled in a call to raydium_console_line_add.

Vulnerable Systems

Application

  • Raydium Svn Revision 283

  • Raydium Svn Revision 284

  • Raydium Svn Revision 285

  • Raydium Svn Revision 286

  • Raydium Svn Revision 287

  • Raydium Svn Revision 288

  • Raydium Svn Revision 289

  • Raydium Svn Revision 290

  • Raydium Svn Revision 291

  • Raydium Svn Revision 292

  • Raydium Svn Revision 293

  • Raydium Svn Revision 294

  • Raydium Svn Revision 295

  • Raydium Svn Revision 296

  • Raydium Svn Revision 297

  • Raydium Svn Revision 298

  • Raydium Svn Revision 299

  • Raydium Svn Revision 300

  • Raydium Svn Revision 301

  • Raydium Svn Revision 302

  • Raydium Svn Revision 303

  • Raydium Svn Revision 304

  • Raydium Svn Revision 305

  • Raydium Svn Revision 306

  • Raydium Svn Revision 307

  • Raydium Svn Revision 308

  • Raydium Svn Revision 309


References

SECUNIA - 20097

XF - raydium-raydiumlog-format-string(26514)

VUPEN - ADV-2006-1808

BID - 17986

BUGTRAQ - 20060512 Multiple vulnerabilities in Raydium rev 309

SREASON - 900

CONFIRM - http://raydium.org/svn.php

MISC - http://aluigi.altervista.org/adv/raydiumx-adv.txt


Last Updated: 27 May 2016 10:42:27