Lucene search

[email protected]CVE-2006-6474

HistoryDec 14, 2006 - 8:28 p.m.

CVE-2006-6474

2006-12-1420:28:00

[email protected]

web.nvd.nist.gov

mcafee

virusscan

linux

cve-2006-6474

vulnerability

dt_rpath

elf

dso

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.6%

JSON

Untrusted search path vulnerability in McAfee VirusScan for Linux 4510e and earlier includes the current working directory in the DT_RPATH environment variable, which allows local users to load arbitrary ELF DSO libraries and execute arbitrary code by installing malicious libraries in that directory.

Affected configurations

NVD

Node

mcafeevirusscanRange≤4510elinux

CPENameOperatorVersion
mcafee:virusscanmcafee virusscanle4510e

CPE	Name	Operator	Version
mcafee:virusscan	mcafee virusscan	le	4510e

References

secunia.com/advisories/23278

secunia.com/advisories/23429

security.gentoo.org/glsa/glsa-200612-15.xml

securitytracker.com/id?1017385

www.securityfocus.com/bid/21592

www.vupen.com/english/advisories/2006/5023

exchange.xforce.ibmcloud.com/vulnerabilities/30898

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.6%

JSON

Related for CVE-2006-6474

openvas2 cvelist1 nessus1 gentoo1 nvd1