Vulnerability Details : CVE-2006-4250
Potential exploit
Buffer overflow in man and mandb (man-db) 2.4.3 and earlier allows local users to execute arbitrary code via crafted arguments to the -H flag.
Vulnerability category: OverflowExecute code
Products affected by CVE-2006-4250
- cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:r1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-4250
0.30%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 51 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-4250
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
References for CVE-2006-4250
-
http://www.securityfocus.com/bid/23355
Exploit
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/33508
man-db -H flag buffer overflow CVE-2006-4250 Vulnerability Report
-
http://www.debian.org/security/2007/dsa-1278
[SECURITY] [DSA 1278-1] New man-db packages fix arbitrary code executionPatch;Vendor Advisory
-
http://www.vupen.com/english/advisories/2007/1295
Site en construction
-
http://www.vupen.com/english/advisories/2007/1294
Site en construction
-
http://www.novell.com/linux/security/advisories/2007_007_suse.html
404 Page Not Found | SUSE
Jump to