Lucene search

[email protected]CVE-2006-2655

HistoryJun 02, 2006 - 1:02 a.m.

CVE-2006-2655

2006-06-0201:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-2655

ypserv

freebsd

access restrictions

remote attackers

nvd

6.9 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.124 Low

EPSS

Percentile

95.3%

JSON

The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions.

CPENameOperatorVersion
freebsd:freebsdfreebsdeq5.4
freebsd:freebsdfreebsdeq6.1
freebsd:freebsdfreebsdeq5.3
freebsd:freebsdfreebsdeq6.0

CPE	Name	Operator	Version
freebsd:freebsd	freebsd	eq	5.4
freebsd:freebsd	freebsd	eq	6.1
freebsd:freebsd	freebsd	eq	5.3
freebsd:freebsd	freebsd	eq	6.0

References

secunia.com/advisories/20389

security.freebsd.org/advisories/FreeBSD-SA-06:15.ypserv.asc

securitytracker.com/id?1016193

www.osvdb.org/25852

www.securityfocus.com/bid/18204

exchange.xforce.ibmcloud.com/vulnerabilities/26792

6.9 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.124 Low

EPSS

Percentile

95.3%

JSON

Related for CVE-2006-2655

prion1 freebsd1 openvas2 securityvulns1 freebsd_advisory1