CVE-2006-5704
Severity Score
6.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
HP NonStop Server G06.29, when running Standard Security T6533G06 before T6533G06^ABK, does not properly evaluate access permissions to OSS directories when no optional ACL entry exists, which allows local users to read arbitrary files.
HP NonStop Server G06.29, cuando ejecuta tandard Security T6533G06 anterior a T6533G06^ABK, no evalua apropiadamente permisos de acceso a los directorio OSS cuando una entrada ACL no opcional existe, lo cual permiet a un usuario local leer archivos de su elección.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2006-11-03 CVE Reserved
- 2006-11-04 CVE Published
- 2024-03-29 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://securitytracker.com/id?1017135 | Vdb Entry | |
| http://www.securityfocus.com/bid/20824 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2006/4301 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29951 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.ciac.org/ciac/bulletins/r-027.shtml | 2017-07-20 | |
| http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00795238 | 2017-07-20 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Hp Search vendor "Hp" | Nonstop Server Search vendor "Hp" for product "Nonstop Server" | g06.29 Search vendor "Hp" for product "Nonstop Server" and version "g06.29" | - |
Affected
| ||||||