CVE-2006-6306
1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.4%
Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window.
Affected configurations
References
lists.grok.org.uk/pipermail/full-disclosure/2006-December/051038.html
secunia.com/advisories/23363
securityreason.com/securityalert/1970
securitytracker.com/id?1017377
support.novell.com/cgi-bin/search/searchtid.cgi?/2974872.htm
support.novell.com/cgi-bin/search/searchtid.cgi?/2974876.htm
www.layereddefense.com/Novell01DEC.html
www.securityfocus.com/archive/1/453176/100/0/threaded
www.vupen.com/english/advisories/2006/4987
exchange.xforce.ibmcloud.com/vulnerabilities/30644
secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.html
1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.4%