Lucene search

[email protected]CVE-2006-6164

HistoryNov 29, 2006 - 1:28 a.m.

CVE-2006-6164

2006-11-2901:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-6164

elf ld.so

openbsd 3.9

openbsd 4.0

_dl_unsetenv function

environment variables

ld_preload

privilege escalation

nvd

7.3 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges.

CPENameOperatorVersion
openbsd:openbsdopenbsdeq3.9
openbsd:openbsdopenbsdeq4.0

CPE	Name	Operator	Version
openbsd:openbsd	openbsd	eq	3.9
openbsd:openbsd	openbsd	eq	4.0

References

secunia.com/advisories/22993

securitytracker.com/id?1017253

www.matasano.com/log/592/finger-79tcp-mcdonald-dowd-and-schuh-challenge-part-2/

www.openbsd.org/errata.html#ldso

www.openbsd.org/errata39.html#ldso

www.securityfocus.com/archive/1/452371/100/0/threaded

www.securityfocus.com/archive/1/452428/100/0/threaded

www.securityfocus.com/bid/21188

exchange.xforce.ibmcloud.com/vulnerabilities/30441

7.3 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON