Vulnerability-Lookup

CVE-2006-4416 (GCVE-0-2006-4416)

Vulnerability from cvelistv5 – Published: 2006-08-28 20:00 – Updated: 2024-08-07 19:06

Summary

Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://secunia.com/advisories/22106	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://securitytracker.com/id?1016920	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/20197	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2006/3389	vdb-entryx_refsource_VUPEN
	http://www-1.ibm.com/support/docview.wss?uid=isg1…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/21620	third-party-advisoryx_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=isg1…	vendor-advisoryx_refsource_AIXAPAR
	http://www.securityfocus.com/bid/19708	vdb-entryx_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=isg1…	vendor-advisoryx_refsource_AIXAPAR
	http://www.vupen.com/english/advisories/2006/3770	vdb-entryx_refsource_VUPEN
	ftp://aix.software.ibm.com/aix/efixes/security/README	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:06:07.678Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "22106",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22106"
          },
          {
            "name": "aix-mkvg-privilege-escalation(29165)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29165"
          },
          {
            "name": "1016920",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016920"
          },
          {
            "name": "20197",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20197"
          },
          {
            "name": "ADV-2006-3389",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3389"
          },
          {
            "name": "IY88737",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737"
          },
          {
            "name": "21620",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21620"
          },
          {
            "name": "IY88722",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722"
          },
          {
            "name": "19708",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19708"
          },
          {
            "name": "IY88699",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699"
          },
          {
            "name": "ADV-2006-3770",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3770"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-08-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "22106",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22106"
        },
        {
          "name": "aix-mkvg-privilege-escalation(29165)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29165"
        },
        {
          "name": "1016920",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016920"
        },
        {
          "name": "20197",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20197"
        },
        {
          "name": "ADV-2006-3389",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3389"
        },
        {
          "name": "IY88737",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737"
        },
        {
          "name": "21620",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21620"
        },
        {
          "name": "IY88722",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722"
        },
        {
          "name": "19708",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19708"
        },
        {
          "name": "IY88699",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699"
        },
        {
          "name": "ADV-2006-3770",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3770"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4416",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "22106",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22106"
            },
            {
              "name": "aix-mkvg-privilege-escalation(29165)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29165"
            },
            {
              "name": "1016920",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016920"
            },
            {
              "name": "20197",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20197"
            },
            {
              "name": "ADV-2006-3389",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/3389"
            },
            {
              "name": "IY88737",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737"
            },
            {
              "name": "21620",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21620"
            },
            {
              "name": "IY88722",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722"
            },
            {
              "name": "19708",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19708"
            },
            {
              "name": "IY88699",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699"
            },
            {
              "name": "ADV-2006-3770",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/3770"
            },
            {
              "name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
              "refsource": "CONFIRM",
              "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-4416",
    "datePublished": "2006-08-28T20:00:00",
    "dateReserved": "2006-08-28T00:00:00",
    "dateUpdated": "2024-08-07T19:06:07.678Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-4416\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-08-28T20:04:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de ruta de b\u00fasqueda no confiable en el comando mkvg en IBM AIX 5.2 y 5.3 permite a usuarios locales escalar privilegios modificando la ruta para apuntar a programas (1) chdev, (2) mkboot, (3) varyonvg, o (4) varyoffvg maliciosos.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCB23261-D5A9-4C49-B08E-97A63ED6F84A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17EECCCB-D7D1-439A-9985-8FAE8B44487B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA8DDF4A-1C5D-4CB1-95B3-69EAE6572507\"}]}]}],\"references\":[{\"url\":\"ftp://aix.software.ibm.com/aix/efixes/security/README\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21620\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/22106\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1016920\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/19708\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/20197\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3389\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3770\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/29165\",\"source\":\"cve@mitre.org\"},{\"url\":\"ftp://aix.software.ibm.com/aix/efixes/security/README\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/21620\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/22106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1016920\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/19708\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/20197\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3389\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3770\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/29165\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2006-4416

Vulnerability from fkie_nvd - Published: 2006-08-28 20:04 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

	URL	Tags
	cve@mitre.org	ftp://aix.software.ibm.com/aix/efixes/security/README
	cve@mitre.org	http://secunia.com/advisories/21620
	cve@mitre.org	http://secunia.com/advisories/22106
	cve@mitre.org	http://securitytracker.com/id?1016920
	cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699
	cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722
	cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737
	cve@mitre.org	http://www.securityfocus.com/bid/19708
	cve@mitre.org	http://www.securityfocus.com/bid/20197
	cve@mitre.org	http://www.vupen.com/english/advisories/2006/3389
	cve@mitre.org	http://www.vupen.com/english/advisories/2006/3770
	cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/29165
	af854a3a-2127-422b-91ae-364da2661108	ftp://aix.software.ibm.com/aix/efixes/security/README
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21620
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22106
	af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016920
	af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699
	af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722
	af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/19708
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/20197
	af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3389
	af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3770
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/29165

Impacted products

Vendor	Product	Version
ibm	aix	5.1
ibm	aix	5.2
ibm	aix	5.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCB23261-D5A9-4C49-B08E-97A63ED6F84A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17EECCCB-D7D1-439A-9985-8FAE8B44487B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8DDF4A-1C5D-4CB1-95B3-69EAE6572507",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en el comando mkvg en IBM AIX 5.2 y 5.3 permite a usuarios locales escalar privilegios modificando la ruta para apuntar a programas (1) chdev, (2) mkboot, (3) varyonvg, o (4) varyoffvg maliciosos."
    }
  ],
  "id": "CVE-2006-4416",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-08-28T20:04:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/21620"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/22106"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016920"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/19708"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/20197"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/3389"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/3770"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29165"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21620"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22106"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/19708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/20197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3770"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29165"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2006-AVI-415

Vulnerability from certfr_avis - Published: 2006-10-03 - Updated: 2006-10-03

None

Description

De multiples vulnérabilités ont été identifiées dans le système d'exploitation IBM AIX. Elles permettraient à un utilisateur malveillant local au système vulnérable d'élever ses privilèges à ceux de l'administrateur (root), voire de modifier des données ou de provoquer un déni de service. Parmi ces vulnérabilités :

la commande mkvg ne faisant pas appel aux chemins absolus vers certaines fonctions ;
une erreur non précisée dans named8, un serveur de noms de domaines DNS ;
une mauvaise manipulation des fichiers par la commande rdist, servant à distribuer des copies de fichiers à plusieurs hôtes ;
une mauvaise manipulation de la base de données par l'utilitaire Inventory Scout, permettant de lister entre autres les éléments matériels du système ;
une erreur non précisée dans la commande utape associée au mode Diagnostics ;
une mauvaise manipulation des paramètres fournis à la commande cfgmgr, pouvant provoquer un débordement de mémoire ;
une erreur non précisée dans xlock, commande qui permet de verrouiller l'écran, et pouvant être exploitée pour provoquer un débordement de tampon et exécuter des commandes avec les droits de l'administrateur.

Solution

Se référer aux différents bulletins de sécurité d'IBM pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	IBM	AIX	IBM AIX 5.3.0
	IBM	AIX	IBM AIX 5.2.0

References

Title

Publication Time

GHSA-9H92-HJV2-CJ7Q

Vulnerability from github – Published: 2022-05-03 03:16 – Updated: 2022-05-03 03:16

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-4416"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-08-28T20:04:00Z",
    "severity": "HIGH"
  },
  "details": "Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program.",
  "id": "GHSA-9h92-hjv2-cj7q",
  "modified": "2022-05-03T03:16:27Z",
  "published": "2022-05-03T03:16:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4416"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29165"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21620"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22106"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016920"
    },
    {
      "type": "WEB",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699"
    },
    {
      "type": "WEB",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722"
    },
    {
      "type": "WEB",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/19708"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/20197"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3389"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3770"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2006-4416

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-4416

Aliases

CVE-2006-4416

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-4416",
    "description": "Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program.",
    "id": "GSD-2006-4416"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-4416"
      ],
      "details": "Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program.",
      "id": "GSD-2006-4416",
      "modified": "2023-12-13T01:19:51.348651Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-4416",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "22106",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22106"
          },
          {
            "name": "aix-mkvg-privilege-escalation(29165)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29165"
          },
          {
            "name": "1016920",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016920"
          },
          {
            "name": "20197",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/20197"
          },
          {
            "name": "ADV-2006-3389",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/3389"
          },
          {
            "name": "IY88737",
            "refsource": "AIXAPAR",
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737"
          },
          {
            "name": "21620",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21620"
          },
          {
            "name": "IY88722",
            "refsource": "AIXAPAR",
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722"
          },
          {
            "name": "19708",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/19708"
          },
          {
            "name": "IY88699",
            "refsource": "AIXAPAR",
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699"
          },
          {
            "name": "ADV-2006-3770",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/3770"
          },
          {
            "name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
            "refsource": "CONFIRM",
            "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4416"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IY88699",
              "refsource": "AIXAPAR",
              "tags": [],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699"
            },
            {
              "name": "IY88737",
              "refsource": "AIXAPAR",
              "tags": [],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737"
            },
            {
              "name": "19708",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/19708"
            },
            {
              "name": "21620",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21620"
            },
            {
              "name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
            },
            {
              "name": "IY88722",
              "refsource": "AIXAPAR",
              "tags": [],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722"
            },
            {
              "name": "20197",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/20197"
            },
            {
              "name": "22106",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/22106"
            },
            {
              "name": "1016920",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016920"
            },
            {
              "name": "ADV-2006-3389",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/3389"
            },
            {
              "name": "ADV-2006-3770",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/3770"
            },
            {
              "name": "aix-mkvg-privilege-escalation(29165)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29165"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-20T01:33Z",
      "publishedDate": "2006-08-28T20:04Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-4416 (GCVE-0-2006-4416)

FKIE_CVE-2006-4416

CERTA-2006-AVI-415

Description

Solution

GHSA-9H92-HJV2-CJ7Q

GSD-2006-4416

Tags

Sightings

Nomenclature