[email protected]CVE-2006-5871

HistoryDec 11, 2006 - 11:28 p.m.

CVE-2006-5871

2006-12-1123:28:00

[email protected]

web.nvd.nist.gov

cve-2006-5871

smbfs

linux kernel

unix extensions

security bypass

nvd

4.1 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:S/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.4%

JSON

smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before 2.4.34, when UNIX extensions are enabled, ignores certain mount options, which could cause clients to use server-specified uid, gid and mode settings.

Affected configurations

NVD

Node

linuxlinux_kernelMatch2.4.33

linuxlinux_kernelMatch2.6.8

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.4.33
linux:linux_kernellinux linux kerneleq2.6.8

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.4.33
linux:linux_kernel	linux linux kernel	eq	2.6.8

References

secunia.com/advisories/23361

secunia.com/advisories/23370

secunia.com/advisories/23395

secunia.com/advisories/25683

www.debian.org/security/2006/dsa-1233

www.novell.com/linux/security/advisories/2007_35_kernel.html

www.securityfocus.com/bid/21523

www.us.debian.org/security/2006/dsa-1237

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10171

4.1 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:S/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.4%

JSON

Related for CVE-2006-5871

nvd1 cvelist1 osv2 debian2 openvas7 nessus5 suse1 redhat1 centos1