Lucene search

[email protected]CVE-2006-5659

HistoryNov 03, 2006 - 12:07 a.m.

CVE-2006-5659

2006-11-0300:07:00

[email protected]

web.nvd.nist.gov

pam_extern

password exposure

cve-2006-5659

information security

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

PAM_extern before 0.2 sends a password as a command line argument, which allows local users to obtain the password by listing the command line arguments, such as ps. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

pam_externpam_externRange≤0.1

CPENameOperatorVersion
pam_extern:pam_externpam externle0.1

CPE	Name	Operator	Version
pam_extern:pam_extern	pam extern	le	0.1

References

www.vupen.com/english/advisories/2006/4235

exchange.xforce.ibmcloud.com/vulnerabilities/29912

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2006-5659

nvd1 cvelist1