Vulnerability Details : CVE-2006-6306
Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window.
Products affected by CVE-2006-6306
- cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*
- cpe:2.3:a:novell:client:4.91:sp3:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-6306
18.63%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-6306
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
1.2
|
LOW | AV:L/AC:H/Au:N/C:P/I:N/A:N |
1.9
|
2.9
|
NIST |
References for CVE-2006-6306
-
http://www.securityfocus.com/archive/1/453176/100/0/threaded
-
https://secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.html
-
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974872.htm
-
http://securitytracker.com/id?1017377
-
http://www.layereddefense.com/Novell01DEC.html
Vendor Advisory
-
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974876.htm
-
http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051038.html
Vendor Advisory
-
http://securityreason.com/securityalert/1970
-
http://www.vupen.com/english/advisories/2006/4987
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/30644
Jump to