CVSS: 10.0EPSS: 5%CPEs: 32EXPL: 0CVE-2006-6235
https://notcve.org/view.php?id=CVE-2006-6235
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory. Una vulnerabilidad de "escritura en pila" en GnuPG (gpg) 1.x anterior a la 1.4.6, 2.x anterior a la 2.0.2 y 1.9.0 hasta la 1.9.95 permite a atacantes ejecutar código de su elección mediante paquetes OpenPGP artesanales que provocan que GnuPG haga referencia a un puntero a función que está en memoria (en la pila) que ya ha sido liberada. • ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html http://secunia.com/advisories/23245 http://secunia.com/advisories/23250 http://secunia.com/advisories/23255 http://secunia.com/advisories/23259 http://secunia.com/advisories/23269 http://secunia.com/advisories/23284 http://secunia.com/advisories/23290 http://secunia. •
CVSS: 5.4EPSS: 3%CPEs: 3EXPL: 2CVE-2006-5466
https://notcve.org/view.php?id=CVE-2006-5466
Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages. Desbordamiento de búfer basado en montón en la función shoqQueryPackage en librpm en RPM Package Manager 4.4.8, cuando la variable de entorno LANG tiene el valor ru_RU.UTF-8, podría permitir a atacantes con la intervención del usuario ejecutar código de su elección mediante paquetes RPM manipulados. • http://secunia.com/advisories/22740 http://secunia.com/advisories/22745 http://secunia.com/advisories/22768 http://secunia.com/advisories/22854 http://security.gentoo.org/glsa/glsa-200611-08.xml http://securitytracker.com/id?1017160 http://www.mandriva.com/security/advisories?name=MDKSA-2006:200 http://www.securityfocus.com/bid/20906 http://www.ubuntu.com/usn/usn-378-1 http://www.vupen.com/english/advisories/2006/4350 https://bugzilla.redhat.com/bugzilla/show_bug.cgi? •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2006-3597
https://notcve.org/view.php?id=CVE-2006-3597
passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password blank instead of locking it when the administrator selects the "Go Back" option after the final "Installation complete" message and uses the main menu, which causes the password to be zeroed out in the installer's memory. passwd anterior a 1:4.0.13 sobre Ubuntu 6.06 LTS deja la contraseña de root en blanco en vez de cerrarlo cuando el administrador selecciona la opción "Go Back" después del mensaje final "instalación completa" y utiliza el menu principal, lo que provoca que la contraseña que se ponga a cero fuera de la memoria del instalador. • http://secunia.com/advisories/21022 http://www.osvdb.org/27091 http://www.ubuntu.com/usn/usn-316-1 •
CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 0CVE-2006-3378
https://notcve.org/view.php?id=CVE-2006-3378
passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits. Comando passwd en shadow, en Ubuntu 5.04 through 6.06 LTS, cuando se pasa como parámetro –f, -g o –s, no comprueba el código de retorno de una llamada seguid, lo que podría provocar que usuarios locales obtuvieran privilegios de administrador (root) si seguid falla en casos como errores PAM o límite de recursos. • http://secunia.com/advisories/20950 http://secunia.com/advisories/20966 http://secunia.com/advisories/21480 http://www.debian.org/security/2006/dsa-1150 http://www.osvdb.org/26995 http://www.securityfocus.com/bid/18850 http://www.ubuntu.com/usn/usn-308-1 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 2CVE-2006-1183 – Ubuntu 5.10 Installer - Password Disclosure
https://notcve.org/view.php?id=CVE-2006-1183
The Ubuntu 5.10 installer does not properly clear passwords from the installer log file (questions.dat), and leaves the log file with world-readable permissions, which allows local users to gain privileges. • https://www.exploit-db.com/exploits/1579 http://secunia.com/advisories/19200 http://securitytracker.com/id?1015761 http://www.osvdb.org/23868 http://www.securityfocus.com/bid/17086 http://www.vupen.com/english/advisories/2006/0927 https://exchange.xforce.ibmcloud.com/vulnerabilities/25170 https://launchpad.net/distros/ubuntu/+source/shadow/+bug/34606 https://usn.ubuntu.com/262-1 •