Lucene search

[email protected]NVD:CVE-2006-4803

HistorySep 14, 2006 - 10:07 p.m.

CVE-2006-4803

2006-09-1422:07:00

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

Low

EPSS

Percentile

5.1%

JSON

The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and “code injection.”

Affected configurations

Nvd

Node

netiqidentity_managerMatch3.0.1

VendorProductVersionCPE
netiqidentity_manager3.0.1cpe:2.3:a:netiq:identity_manager:3.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netiq	identity_manager	3.0.1	cpe:2.3:a:netiq:identity_manager:3.0.1:::::::*

References

secunia.com/advisories/21888

securitytracker.com/id?1016853

support.novell.com/cgi-bin/search/searchtid.cgi?/2974421.htm

www.securityfocus.com/bid/20016

www.vupen.com/english/advisories/2006/3607

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2006-4803

cvelist1 cve1