Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-4663

EPSS 0.10% · P28
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-4663

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The source code tar archive of the Linux kernel 2.6.16, 2.6.17.11, and possibly other versions specifies weak permissions (0666 and 0777) for certain files and directories, which might allow local users to insert Trojan horse source code that would be used during the next kernel compilation. NOTE: another researcher disputes the vulnerability, stating that he finds "Not a single world-writable file or directory." CVE analysis as of 20060908 indicates that permissions will only be weak under certain unusual or insecure scenarios
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在安全漏洞,Linux kernel 2.6.16、2.6.17.11及可能的其他版本的源代码tar归档,对某些文件和目录指定了较弱的许可权(0666和0777),这可能让本地用户插入将在下次内核编译期间使用的特洛伊木马源代码。注意:另一研究者对此漏洞有争议,声称他发现"并非单个全域可写的文件或目录"。截至2006年9月8日,CVE分析指出仅在某些异常或不安全的情境下许可权才较弱。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-4663

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-4663

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-09-09 · 22 CVEs total

CVE-2006-4659Panda Platinum Internet Security 本地提权漏洞
CVE-2006-4670Photokorn 多个PHP远程文件包含漏洞
CVE-2006-4669Somery 'Include.PHP' PHP远程文件包含漏洞
CVE-2006-4668AckerTodo 'Index.PHP'跨站脚本攻击漏洞
CVE-2006-4667RunCms 多个SQL注入漏洞
CVE-2006-4666WMNews 多个PHP远程文件包含漏洞
CVE-2006-4665MKPortal M1.1 Rc 'index.php'跨站脚本攻击漏洞
CVE-2006-4664Premod Shadow 'Functions_Portal.PHP'PHP远程文件包含漏洞
CVE-2006-4662ICQ Pro 2003b 堆溢出漏洞
CVE-2006-4661ICQ Toolbar 1.3 for IE多个安全漏洞
CVE-2006-4660ICQ Toolbar 1.3 for IE 多个跨站脚本攻击漏洞
CVE-2006-4294TWiki Viewfile 目录遍历漏洞
CVE-2006-4658Panda Platinum Internet Security 本地提权漏洞
CVE-2006-4657Panda Platinum Internet Security 本地提权漏洞
CVE-2006-4656Web-Provence SL_Site 'Spaw_control.class.PHP'PHP远程文件包含漏洞
CVE-2006-4655X.Org 字符控制函数 缓冲区溢出漏洞
CVE-2006-4654Easy Address Book Web Server 格式串处理漏洞
CVE-2006-4653Amazing Little Picture Poll 敏感信息泄露漏洞
CVE-2006-4652Amazing Little Picture Poll 'lp_admin.php'认证绕过漏洞
CVE-2006-4651PHP Download 'Download.PHP'目录遍历漏洞

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-4663

No comments yet

Leave a comment