Lucene search

MitreCVE-2006-0408

HistoryJan 25, 2006 - 2:03 a.m.

CVE-2006-0408

2006-01-2502:03:00

mitre

web.nvd.nist.gov

cve-2006-0408

sun grid engine

sge

privilege escalation

arbitrary code execution

nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.001

Percentile

27.1%

JSON

rsh utility in Sun Grid Engine (SGE) before 6.0u7_1 allows local users to gain privileges and execute arbitrary code via unspecified vectors, possibly involving command line arguments.

Affected configurations

Nvd

Node

sungrid_engineMatch6.0

sungrid_engineMatch6.0update1

sungrid_engineMatch6.0update2

sungrid_engineMatch6.0update3

sungrid_engineMatch6.0update4

sungrid_engineMatch6.0update5

sungrid_engineMatch6.0update6

sungrid_engineMatch6.0update7

VendorProductVersionCPE
sungrid_engine6.0cpe:2.3:a:sun:grid_engine:6.0:*:*:*:*:*:*:*
sungrid_engine6.0cpe:2.3:a:sun:grid_engine:6.0:update1:*:*:*:*:*:*
sungrid_engine6.0cpe:2.3:a:sun:grid_engine:6.0:update2:*:*:*:*:*:*
sungrid_engine6.0cpe:2.3:a:sun:grid_engine:6.0:update3:*:*:*:*:*:*
sungrid_engine6.0cpe:2.3:a:sun:grid_engine:6.0:update4:*:*:*:*:*:*
sungrid_engine6.0cpe:2.3:a:sun:grid_engine:6.0:update5:*:*:*:*:*:*
sungrid_engine6.0cpe:2.3:a:sun:grid_engine:6.0:update6:*:*:*:*:*:*
sungrid_engine6.0cpe:2.3:a:sun:grid_engine:6.0:update7:*:*:*:*:*:*

Vendor	Product	Version	CPE
sun	grid_engine	6.0	cpe:2.3:a:sun:grid_engine:6.0:::::::*
sun	grid_engine	6.0	cpe:2.3:a:sun:grid_engine:6.0:update1::::::
sun	grid_engine	6.0	cpe:2.3:a:sun:grid_engine:6.0:update2::::::
sun	grid_engine	6.0	cpe:2.3:a:sun:grid_engine:6.0:update3::::::
sun	grid_engine	6.0	cpe:2.3:a:sun:grid_engine:6.0:update4::::::
sun	grid_engine	6.0	cpe:2.3:a:sun:grid_engine:6.0:update5::::::
sun	grid_engine	6.0	cpe:2.3:a:sun:grid_engine:6.0:update6::::::
sun	grid_engine	6.0	cpe:2.3:a:sun:grid_engine:6.0:update7::::::

References

gridengine.sunsource.net/project/gridengine/60patches.txt

secunia.com/advisories/18580

securitytracker.com/id?1015531

www.securityfocus.com/bid/16366

www.vupen.com/english/advisories/2006/0308

exchange.xforce.ibmcloud.com/vulnerabilities/24281

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.001

Percentile

27.1%

JSON

Related for CVE-2006-0408