CVE-2006-6495
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2006-6495
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function. NOTE: this issue normally does not cross privilege boundaries, except in cases of external introduction of malicious message files, or if it is leveraged with other vulnerabilities such as CVE-2006-6494.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Sun Solaris ld.so多个本地安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。 Solaris的ld.so程序库实现上存在多个安全漏洞,本地攻击者可能利用这些漏洞提升自己的权限。 ld.so程序库对LANG环境变量值没有做充分的检查过滤即做为创建文件路径的一部分,本地攻击者可以在变量值中插入"../"目录遍历串,从而在系统上的任意位置创建文件。 ld.so程序库的doprf()函数实现上存在一个栈溢出漏洞,本地攻击者可以利用此漏洞通过运行一个setuid程序来提升权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2006-6495
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2006-6495
Please Login to view more intelligence information
- http://support.avaya.com/elmodocs2/security/ASA-2007-019.htmx_refsource_CONFIRM
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102724-1vendor-advisoryx_refsource_SUNALERT
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1909vdb-entrysignaturex_refsource_OVAL
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=450third-party-advisoryx_refsource_IDEFENSE
- https://nvd.nist.gov/vuln/detail/CVE-2006-6495
Same Patch Batch · n/a · 2006-12-13 · 8 CVEs total
| CVE-2006-6496 | CA Anti-Virus'vetfddnt.sys和vetmonnt.sys'驱动本地拒绝服务漏洞 | |
| CVE-2006-2386 | Microsoft Outlook Express地址簿处理远程任意指令执行漏洞(MS06-076) | |
| CVE-2006-4702 | Microsoft Windows Media Format运行时库远程任意指令执行漏洞(MS06-078) | |
| CVE-2006-5584 | Microsoft Windows远程安装服务远程任意指令执行漏洞(MS06-077) | |
| CVE-2006-5585 | Microsoft Windows文件名单处理本地权限提升漏洞(MS06-075) | |
| CVE-2006-6494 | Sun Solaris 'ld.so'多个本地安全漏洞 | |
| CVE-2006-6493 | OpenLDAP服务器Kerberos Bind请求远程栈溢出漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2006-6495
No comments yet