Lucene search

MitreCVELIST:CVE-2006-0150

HistoryJan 09, 2006 - 11:00 p.m.

CVE-2006-0150

2006-01-0923:00:00

mitre

www.cve.org

7.5 High

AI Score

Confidence

Low

0.17 Low

EPSS

Percentile

96.1%

JSON

Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1.6.0 and earlier allows remote attackers to execute arbitrary code via various vectors, including the username.

References

secunia.com/advisories/18382

secunia.com/advisories/18405

secunia.com/advisories/18412

secunia.com/advisories/18568

securitytracker.com/id?1015456

www.debian.org/security/2006/dsa-952

www.digitalarmaments.com/2006090173928420.html

www.redhat.com/support/errata/RHSA-2006-0179.html

www.rudedog.org/auth_ldap/Changes.html

www.securityfocus.com/archive/1/421286/100/0/threaded

www.securityfocus.com/bid/16177

www.vupen.com/english/advisories/2006/0117

wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:017

exchange.xforce.ibmcloud.com/vulnerabilities/24030