Lucene search

[email protected]CVE-2006-0126

HistoryJan 09, 2006 - 11:03 a.m.

CVE-2006-0126

2006-01-0911:03:00

[email protected]

web.nvd.nist.gov

cve-2006-0126

rxvt-unicode

security vulnerability

local access

tty devices

6.6 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices.

Affected configurations

NVD

Node

rxvt-unicoderxvt-unicodeRange≤6.2

CPENameOperatorVersion
rxvt-unicode:rxvt-unicoderxvt-unicodele6.2

CPE	Name	Operator	Version
rxvt-unicode:rxvt-unicode	rxvt-unicode	le	6.2

References

dist.schmorp.de/rxvt-unicode/Changes

secunia.com/advisories/18301

www.osvdb.org/22223

www.vupen.com/english/advisories/2006/0052

6.6 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2006-0126

ubuntucve1 cvelist1 nvd1 prion1 debiancve1