CVE-2006-4655 – X11R6 < 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-4655
Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value. Desbordamiento de búfer en función Strcmp en la extensión XKEYBOARD en Window System X11R6.4 y anteriores, según lo utilizado en SCO UnixWare 7.1.3 y Sun Solaris 8 hasta la 10, permite a un usuario local subir privilegios a través del valor de la larga variable de entorno _XKB_CHARSET. • https://www.exploit-db.com/exploits/2332 https://www.exploit-db.com/exploits/2331 https://www.exploit-db.com/exploits/2330 https://www.exploit-db.com/exploits/2360 http://secunia.com/advisories/21815 http://secunia.com/advisories/21845 http://secunia.com/advisories/21856 http://secunia.com/advisories/21993 http://securityreason.com/securityalert/1545 http://securitytracker.com/id?1016806 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102570-1 http://support. •
CVE-2006-4319
https://notcve.org/view.php?id=CVE-2006-4319
Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307. Desbordamiento de búfer en el comando format en Solaris 8, 9, y 10 permite a usuarios locales con acceso a format (tales y como el perfil RBAC "File System Management") ejecutar código de su elección a través de vectores desconocidos, una vulnerabilidad distinta de CVE-2006-4307. • http://secunia.com/advisories/21581 http://secunia.com/advisories/22295 http://securitytracker.com/id?1016727 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102519-1 http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm http://www.securityfocus.com/bid/19657 http://www.vupen.com/english/advisories/2006/3355 https://exchange.xforce.ibmcloud.com/vulnerabilities/28519 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2164 •
CVE-2006-4306
https://notcve.org/view.php?id=CVE-2006-4306
Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File System Management" profile. Vulnerabilidad no especificada en Sun Solaris 8 y 9 versiones anteriores a 20060821 permite a atacantes remotos ejecutar sentencias de su elección mediante vectores sin especificar, involucrando la configuración del Control de Acceso por defecto basado en rol (RBAC) en el perfil "File System Management". • http://secunia.com/advisories/21581 http://secunia.com/advisories/22295 http://securitytracker.com/id?1016726 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102514-1 http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm http://www.securityfocus.com/bid/19643 http://www.vupen.com/english/advisories/2006/3355 https://exchange.xforce.ibmcloud.com/vulnerabilities/28551 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1527 •
CVE-2006-4307
https://notcve.org/view.php?id=CVE-2006-4307
Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than CVE-2006-4306 and CVE-2006-4319. Vulnerabilidad no especificada en el comando de formato en Sun Solaris 8 y 9 anterior a 21/08/2006 permite a un usuario local modificar archivos de su elección a través de vectores no especificados que afectan al perfil que permite ejecutar el formato con privilegios elevados, un asunto diferente al de CVE-2006-4306. • http://secunia.com/advisories/21581 http://secunia.com/advisories/22295 http://securitytracker.com/id?1016726 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102514-1 http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm http://www.securityfocus.com/bid/19647 http://www.vupen.com/english/advisories/2006/3355 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1573 •
CVE-2006-3664
https://notcve.org/view.php?id=CVE-2006-3664
Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attackers to cause a denial of service (ypserv hang) via unknown vectors. Vulnerabilidad no especificada en el servidor NIS sobre Sun Solaris 8, 9, y 10 permite a atacantes locales y remotos provocar denegación de servicio (culegue del ypserv) a través de vectores desconocidos. • http://secunia.com/advisories/21047 http://securitytracker.com/id?1016494 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102462-1 http://www.securityfocus.com/bid/18972 http://www.vupen.com/english/advisories/2006/2799 https://exchange.xforce.ibmcloud.com/vulnerabilities/27722 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1921 •