Vulnerability-Lookup

CVE-2006-1864 (GCVE-0-2006-1864)

Vulnerability from cvelistv5 – Published: 2006-04-26 22:00 – Updated: 2024-08-07 17:27

Summary

Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1863.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://support.avaya.com/elmodocs2/security/ASA-2…	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2006-04…	vendor-advisoryx_refsource_REDHAT
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/19869	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/4502	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2006/2554	vdb-entryx_refsource_VUPEN
	http://www.redhat.com/support/errata/RHSA-2006-05…	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/20716	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/22875	third-party-advisoryx_refsource_SECUNIA
	http://www.osvdb.org/25067	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/21476	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/21745	third-party-advisoryx_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.vmware.com/download/esx/esx-202-200610…	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/usn-302-1	vendor-advisoryx_refsource_UBUNTU
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.securityfocus.com/archive/1/451426/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/21614	third-party-advisoryx_refsource_SECUNIA
	https://bugzilla.redhat.com/bugzilla/show_bug.cgi…	x_refsource_CONFIRM
	http://secunia.com/advisories/21035	third-party-advisoryx_refsource_SECUNIA
	http://www.vmware.com/download/esx/esx-213-200610…	x_refsource_CONFIRM
	http://www.debian.org/security/2006/dsa-1097	vendor-advisoryx_refsource_DEBIAN
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://www.securityfocus.com/bid/17735	vdb-entryx_refsource_BID
	http://www.trustix.org/errata/2006/0026	vendor-advisoryx_refsource_TRUSTIX
	http://www.redhat.com/support/errata/RHSA-2006-05…	vendor-advisoryx_refsource_REDHAT
	http://www.debian.org/security/2006/dsa-1103	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/23064	third-party-advisoryx_refsource_SECUNIA
	http://www.vmware.com/download/esx/esx-254-200610…	x_refsource_CONFIRM
	http://support.avaya.com/elmodocs2/security/ASA-2…	x_refsource_CONFIRM
	http://secunia.com/advisories/22497	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/451404/100…	mailing-listx_refsource_BUGTRAQ
	http://www.redhat.com/support/errata/RHSA-2006-07…	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/20237	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/20398	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/451417/100…	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/20671	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/451419/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/20914	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:27:29.189Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm"
          },
          {
            "name": "RHSA-2006:0493",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0493.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11327",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11327"
          },
          {
            "name": "19869",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19869"
          },
          {
            "name": "ADV-2006-4502",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4502"
          },
          {
            "name": "ADV-2006-2554",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2554"
          },
          {
            "name": "RHSA-2006:0579",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0579.html"
          },
          {
            "name": "20716",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20716"
          },
          {
            "name": "22875",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22875"
          },
          {
            "name": "25067",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/25067"
          },
          {
            "name": "21476",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21476"
          },
          {
            "name": "21745",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21745"
          },
          {
            "name": "MDKSA-2006:150",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:150"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
          },
          {
            "name": "USN-302-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-302-1"
          },
          {
            "name": "MDKSA-2006:151",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:151"
          },
          {
            "name": "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
          },
          {
            "name": "21614",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21614"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189435"
          },
          {
            "name": "21035",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21035"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
          },
          {
            "name": "DSA-1097",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1097"
          },
          {
            "name": "SUSE-SA:2006:028",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006-05-31.html"
          },
          {
            "name": "17735",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17735"
          },
          {
            "name": "2006-0026",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2006/0026"
          },
          {
            "name": "RHSA-2006:0580",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0580.html"
          },
          {
            "name": "DSA-1103",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1103"
          },
          {
            "name": "23064",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23064"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm"
          },
          {
            "name": "22497",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22497"
          },
          {
            "name": "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
          },
          {
            "name": "RHSA-2006:0710",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0710.html"
          },
          {
            "name": "20237",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20237"
          },
          {
            "name": "20398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20398"
          },
          {
            "name": "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
          },
          {
            "name": "kernel-smbfs-directory-traversal(26137)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26137"
          },
          {
            "name": "20671",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20671"
          },
          {
            "name": "20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded"
          },
          {
            "name": "20914",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20914"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-04-26T04:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via \"..\\\\\" sequences, a similar vulnerability to CVE-2006-1863."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T18:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm"
        },
        {
          "name": "RHSA-2006:0493",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0493.html"
        },
        {
          "name": "oval:org.mitre.oval:def:11327",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11327"
        },
        {
          "name": "19869",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19869"
        },
        {
          "name": "ADV-2006-4502",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4502"
        },
        {
          "name": "ADV-2006-2554",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2554"
        },
        {
          "name": "RHSA-2006:0579",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0579.html"
        },
        {
          "name": "20716",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20716"
        },
        {
          "name": "22875",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22875"
        },
        {
          "name": "25067",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/25067"
        },
        {
          "name": "21476",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21476"
        },
        {
          "name": "21745",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21745"
        },
        {
          "name": "MDKSA-2006:150",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:150"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
        },
        {
          "name": "USN-302-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-302-1"
        },
        {
          "name": "MDKSA-2006:151",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:151"
        },
        {
          "name": "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
        },
        {
          "name": "21614",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21614"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189435"
        },
        {
          "name": "21035",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21035"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
        },
        {
          "name": "DSA-1097",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1097"
        },
        {
          "name": "SUSE-SA:2006:028",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006-05-31.html"
        },
        {
          "name": "17735",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17735"
        },
        {
          "name": "2006-0026",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2006/0026"
        },
        {
          "name": "RHSA-2006:0580",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0580.html"
        },
        {
          "name": "DSA-1103",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1103"
        },
        {
          "name": "23064",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23064"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm"
        },
        {
          "name": "22497",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22497"
        },
        {
          "name": "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
        },
        {
          "name": "RHSA-2006:0710",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0710.html"
        },
        {
          "name": "20237",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20237"
        },
        {
          "name": "20398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20398"
        },
        {
          "name": "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
        },
        {
          "name": "kernel-smbfs-directory-traversal(26137)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26137"
        },
        {
          "name": "20671",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20671"
        },
        {
          "name": "20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded"
        },
        {
          "name": "20914",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20914"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-1864",
    "datePublished": "2006-04-26T22:00:00.000Z",
    "dateReserved": "2006-04-19T04:00:00.000Z",
    "dateUpdated": "2024-08-07T17:27:29.189Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2006-AVI-354

Vulnerability from certfr_avis - Published: 2006-08-14 - Updated: 2006-08-14

None

Description

De multiples vulnérabilités dans le noyau Linux de la branche 2.4 ont été identifiées. Elles permettent à un utilisateur distant de réaliser un déni de service. Elles permettent également à un utilisateur local de provoquer un déni de service, d'élever ses privilèges, de contourner la politique de sécurité ou de porter atteinte à la confidentialité des données du système vulnérable.

Solution

La version 2.4.33 de la branche 2.4 du noyau Linux corrige le problème :

http://www.kernel.org/

Les noyaux Linux de la branche 2.4 versions 2.4.32 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Liste des changements apportés à la version 2.4.33 du noyau Linux	None	vendor-advisory
Liste des changements apportés à la version 2.4.33 du noyau Linux :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eLes noyaux Linux de la branche 2.4  versions 2.4.32 et ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de la branche 2.4 ont\n\u00e9t\u00e9 identifi\u00e9es. Elles permettent \u00e0 un utilisateur distant de r\u00e9aliser\nun d\u00e9ni de service. Elles permettent \u00e9galement \u00e0 un utilisateur local de\nprovoquer un d\u00e9ni de service, d\u0027\u00e9lever ses privil\u00e8ges, de contourner la\npolitique de s\u00e9curit\u00e9 ou de porter atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es du syst\u00e8me vuln\u00e9rable.\n\n## Solution\n\nLa version 2.4.33 de la branche 2.4 du noyau Linux corrige le probl\u00e8me :\n\n    http://www.kernel.org/\n",
  "cves": [
    {
      "name": "CVE-2006-1525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1525"
    },
    {
      "name": "CVE-2006-1858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1858"
    },
    {
      "name": "CVE-2006-2271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-2271"
    },
    {
      "name": "CVE-2006-2272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-2272"
    },
    {
      "name": "CVE-2006-0039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0039"
    },
    {
      "name": "CVE-2006-1058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1058"
    },
    {
      "name": "CVE-2006-1857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1857"
    },
    {
      "name": "CVE-2006-1864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1864"
    },
    {
      "name": "CVE-2006-2274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-2274"
    }
  ],
  "initial_release_date": "2006-08-14T00:00:00",
  "last_revision_date": "2006-08-14T00:00:00",
  "links": [
    {
      "title": "Liste des changements apport\u00e9s \u00e0 la version 2.4.33 du noyau    Linux :",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33"
    }
  ],
  "reference": "CERTA-2006-AVI-354",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-08-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s du noyau Linux 2.4",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Liste des changements apport\u00e9s \u00e0 la version 2.4.33 du noyau Linux",
      "url": null
    }
  ]
}

CERTA-2006-AVI-501

Vulnerability from certfr_avis - Published: 2006-11-15 - Updated: 2007-05-29

None

Description

De multiples vulnérabilités ont été découvertes dans le produit VMware ESX Server. Ces vulnérabilités permettent à un utilisateur mal intentionné de provoquer un déni de service à distance et/ou d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	N/A	VMware ESX Server 2.1.3 Upgrade Patch 2 ;
VMware	N/A	VMware ESX Server 2.0.2 Upgrade Patch 2 ;
VMware	N/A	VMware ESX Server 3.0.0 AMD fxsave/restore issue.
VMware	N/A	VMware ESX Server 2.5.4 Upgrade Patch 1 ;

References

Title

Publication Time

Tags

Bulletins de sécurité VMware du 13 Novembre 2006	None	vendor-advisory
Bulletins de sécurité VMware ESX Server :	-	other
Bulletins de sécurité VMware ESX Server :	-	other
Bulletins de sécurité VMware ESX Server :	-	other
Bulletin de sécurité SuSE SUSE-SA:2007:012 :	-	other
Bulletins de sécurité VMware ESX Server :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware ESX Server 2.1.3 Upgrade Patch 2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX Server 2.0.2 Upgrade Patch 2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX Server 3.0.0 AMD fxsave/restore issue.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX Server 2.5.4 Upgrade Patch 1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le produit VMware\nESX Server. Ces vuln\u00e9rabilit\u00e9s permettent \u00e0 un utilisateur mal\nintentionn\u00e9 de provoquer un d\u00e9ni de service \u00e0 distance et/ou d\u0027ex\u00e9cuter\ndu code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-1343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1343"
    },
    {
      "name": "CVE-2006-2071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-2071"
    },
    {
      "name": "CVE-2006-1342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1342"
    },
    {
      "name": "CVE-2006-3403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3403"
    },
    {
      "name": "CVE-2006-1056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1056"
    },
    {
      "name": "CVE-2005-2177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2177"
    },
    {
      "name": "CVE-2006-1864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1864"
    },
    {
      "name": "CVE-2006-3467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3467"
    }
  ],
  "initial_release_date": "2006-11-15T00:00:00",
  "last_revision_date": "2007-05-29T00:00:00",
  "links": [
    {
      "title": "Bulletins de s\u00e9curit\u00e9 VMware ESX Server :",
      "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 VMware ESX Server :",
      "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 VMware ESX Server :",
      "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SA:2007:012 :",
      "url": "http://lists.suse.com/archive/suse-security-announce/2007-May/0008.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 VMware ESX Server :",
      "url": "http://kb.vmware.com/kb/2533126"
    }
  ],
  "reference": "CERTA-2006-AVI-501",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-11-15T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 SuSE.",
      "revision_date": "2007-05-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 VMware du 13 Novembre 2006",
      "url": null
    }
  ]
}

GSD-2006-1864

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-1864

Aliases

CVE-2006-1864

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-1864",
    "description": "Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via \"..\\\\\" sequences, a similar vulnerability to CVE-2006-1863.",
    "id": "GSD-2006-1864",
    "references": [
      "https://www.suse.com/security/cve/CVE-2006-1864.html",
      "https://www.debian.org/security/2006/dsa-1103",
      "https://www.debian.org/security/2006/dsa-1097",
      "https://access.redhat.com/errata/RHSA-2006:0710",
      "https://access.redhat.com/errata/RHSA-2006:0580",
      "https://access.redhat.com/errata/RHSA-2006:0579",
      "https://access.redhat.com/errata/RHSA-2006:0493"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-1864"
      ],
      "details": "Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via \"..\\\\\" sequences, a similar vulnerability to CVE-2006-1863.",
      "id": "GSD-2006-1864",
      "modified": "2023-12-13T01:19:55.591535Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2006-1864",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via \"..\\\\\" sequences, a similar vulnerability to CVE-2006-1863."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://secunia.com/advisories/20237",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/20237"
          },
          {
            "name": "http://secunia.com/advisories/21745",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21745"
          },
          {
            "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm",
            "refsource": "MISC",
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2006-0493.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0493.html"
          },
          {
            "name": "http://secunia.com/advisories/22875",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/22875"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/451404/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/451417/100/200/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/451426/100/200/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
          },
          {
            "name": "http://www.vmware.com/download/esx/esx-202-200610-patch.html",
            "refsource": "MISC",
            "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
          },
          {
            "name": "http://www.vmware.com/download/esx/esx-213-200610-patch.html",
            "refsource": "MISC",
            "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/4502",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/4502"
          },
          {
            "name": "http://secunia.com/advisories/21035",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21035"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2006-0579.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0579.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2006-0580.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0580.html"
          },
          {
            "name": "http://secunia.com/advisories/20914",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/20914"
          },
          {
            "name": "http://www.debian.org/security/2006/dsa-1103",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2006/dsa-1103"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/2554",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/2554"
          },
          {
            "name": "http://secunia.com/advisories/20671",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/20671"
          },
          {
            "name": "http://secunia.com/advisories/20716",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/20716"
          },
          {
            "name": "http://www.debian.org/security/2006/dsa-1097",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2006/dsa-1097"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-302-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-302-1"
          },
          {
            "name": "http://secunia.com/advisories/21476",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21476"
          },
          {
            "name": "http://secunia.com/advisories/20398",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/20398"
          },
          {
            "name": "http://www.novell.com/linux/security/advisories/2006-05-31.html",
            "refsource": "MISC",
            "url": "http://www.novell.com/linux/security/advisories/2006-05-31.html"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:150",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:150"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/451419/100/200/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded"
          },
          {
            "name": "http://www.vmware.com/download/esx/esx-254-200610-patch.html",
            "refsource": "MISC",
            "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"
          },
          {
            "name": "http://secunia.com/advisories/21614",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21614"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:151",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:151"
          },
          {
            "name": "http://secunia.com/advisories/19869",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/19869"
          },
          {
            "name": "http://secunia.com/advisories/22497",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/22497"
          },
          {
            "name": "http://secunia.com/advisories/23064",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/23064"
          },
          {
            "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm",
            "refsource": "MISC",
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm"
          },
          {
            "name": "http://www.osvdb.org/25067",
            "refsource": "MISC",
            "url": "http://www.osvdb.org/25067"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2006-0710.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0710.html"
          },
          {
            "name": "http://www.securityfocus.com/bid/17735",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/17735"
          },
          {
            "name": "http://www.trustix.org/errata/2006/0026",
            "refsource": "MISC",
            "url": "http://www.trustix.org/errata/2006/0026"
          },
          {
            "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189435",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189435"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26137",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26137"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11327",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11327"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16:rc2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16:rc3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16:rc4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16:rc5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16:rc6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16_rc7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2006-1864"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via \"..\\\\\" sequences, a similar vulnerability to CVE-2006-1863."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189435",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit"
              ],
              "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189435"
            },
            {
              "name": "17735",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/17735"
            },
            {
              "name": "19869",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/19869"
            },
            {
              "name": "25067",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/25067"
            },
            {
              "name": "2006-0026",
              "refsource": "TRUSTIX",
              "tags": [],
              "url": "http://www.trustix.org/errata/2006/0026"
            },
            {
              "name": "RHSA-2006:0493",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0493.html"
            },
            {
              "name": "20237",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20237"
            },
            {
              "name": "DSA-1097",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2006/dsa-1097"
            },
            {
              "name": "20671",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20671"
            },
            {
              "name": "SUSE-SA:2006:028",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/2006-05-31.html"
            },
            {
              "name": "USN-302-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-302-1"
            },
            {
              "name": "20716",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20716"
            },
            {
              "name": "DSA-1103",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2006/dsa-1103"
            },
            {
              "name": "20914",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20914"
            },
            {
              "name": "RHSA-2006:0579",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0579.html"
            },
            {
              "name": "RHSA-2006:0580",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0580.html"
            },
            {
              "name": "21035",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21035"
            },
            {
              "name": "21614",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21614"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm"
            },
            {
              "name": "21745",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21745"
            },
            {
              "name": "20398",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20398"
            },
            {
              "name": "RHSA-2006:0710",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0710.html"
            },
            {
              "name": "22497",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/22497"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm"
            },
            {
              "name": "http://www.vmware.com/download/esx/esx-202-200610-patch.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
            },
            {
              "name": "http://www.vmware.com/download/esx/esx-213-200610-patch.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
            },
            {
              "name": "http://www.vmware.com/download/esx/esx-254-200610-patch.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"
            },
            {
              "name": "22875",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/22875"
            },
            {
              "name": "23064",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/23064"
            },
            {
              "name": "21476",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21476"
            },
            {
              "name": "MDKSA-2006:150",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:150"
            },
            {
              "name": "MDKSA-2006:151",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:151"
            },
            {
              "name": "ADV-2006-4502",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/4502"
            },
            {
              "name": "ADV-2006-2554",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/2554"
            },
            {
              "name": "kernel-smbfs-directory-traversal(26137)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26137"
            },
            {
              "name": "oval:org.mitre.oval:def:11327",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11327"
            },
            {
              "name": "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
            },
            {
              "name": "20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded"
            },
            {
              "name": "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
            },
            {
              "name": "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-18T16:36Z",
      "publishedDate": "2006-04-26T18:06Z"
    }
  }
}

FKIE_CVE-2006-1864

Vulnerability from fkie_nvd - Published: 2006-04-26 18:06 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://secunia.com/advisories/19869
secalert@redhat.com	http://secunia.com/advisories/20237
secalert@redhat.com	http://secunia.com/advisories/20398
secalert@redhat.com	http://secunia.com/advisories/20671
secalert@redhat.com	http://secunia.com/advisories/20716
secalert@redhat.com	http://secunia.com/advisories/20914
secalert@redhat.com	http://secunia.com/advisories/21035
secalert@redhat.com	http://secunia.com/advisories/21476
secalert@redhat.com	http://secunia.com/advisories/21614
secalert@redhat.com	http://secunia.com/advisories/21745
secalert@redhat.com	http://secunia.com/advisories/22497
secalert@redhat.com	http://secunia.com/advisories/22875
secalert@redhat.com	http://secunia.com/advisories/23064
secalert@redhat.com	http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm
secalert@redhat.com	http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm
secalert@redhat.com	http://www.debian.org/security/2006/dsa-1097
secalert@redhat.com	http://www.debian.org/security/2006/dsa-1103
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:151
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2006-05-31.html
secalert@redhat.com	http://www.osvdb.org/25067
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2006-0493.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2006-0579.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2006-0580.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2006-0710.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/451404/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/451417/100/200/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/451419/100/200/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/451426/100/200/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/17735
secalert@redhat.com	http://www.trustix.org/errata/2006/0026
secalert@redhat.com	http://www.ubuntu.com/usn/usn-302-1
secalert@redhat.com	http://www.vmware.com/download/esx/esx-202-200610-patch.html
secalert@redhat.com	http://www.vmware.com/download/esx/esx-213-200610-patch.html
secalert@redhat.com	http://www.vmware.com/download/esx/esx-254-200610-patch.html
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/2554
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/4502
secalert@redhat.com	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189435	Exploit
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/26137
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11327
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19869
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20237
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20398
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20671
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20716
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20914
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21035
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21476
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21614
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21745
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22497
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22875
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23064
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1097
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1103
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:151
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2006-05-31.html
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/25067
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0493.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0579.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0580.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0710.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/451404/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/451417/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/451419/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/451426/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/17735
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2006/0026
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-302-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/download/esx/esx-202-200610-patch.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/download/esx/esx-213-200610-patch.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/download/esx/esx-254-200610-patch.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2554
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/4502
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189435	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/26137
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11327

Impacted products

Vendor	Product	Version
linux	linux_kernel	2.6.16
linux	linux_kernel	2.6.16
linux	linux_kernel	2.6.16
linux	linux_kernel	2.6.16
linux	linux_kernel	2.6.16
linux	linux_kernel	2.6.16
linux	linux_kernel	2.6.16
linux	linux_kernel	2.6.16.1
linux	linux_kernel	2.6.16.2
linux	linux_kernel	2.6.16.3
linux	linux_kernel	2.6.16.4
linux	linux_kernel	2.6.16.7
linux	linux_kernel	2.6.16.8
linux	linux_kernel	2.6.16_rc7

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "34E60197-56C3-485C-9609-B1C4A0E0FCB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D1369C4A-EF3B-4805-9046-ADA38ED940C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "CC3639E1-B5E4-4DD6-80D4-BA07D192C42D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "54393D69-B368-4296-9798-D81570495C6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "6791A801-9E06-47DD-912F-D8594E2F6B3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "AE90CCED-3A5B-46E3-A6B0-4865AB786289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "CBFF6DE7-6D7C-469A-9B2D-2F6E915F55B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E452E4-45A9-4469-BF69-F40B6598F0EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5751AC4-A60F-42C6-88E5-FC8CFEE6F696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FF886A6-7E73-47AD-B6A5-A9EC5BEDCD0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "48777A01-8F36-4752-8F7A-1D1686C69A33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E51F0211-2D3E-4260-AD63-E83AE4EC4AF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C4E1245-C6BB-462C-9E27-C608595DAE3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16_rc7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E55F2549-F813-4BD6-8933-6788D898ECB1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via \"..\\\\\" sequences, a similar vulnerability to CVE-2006-1863."
    }
  ],
  "id": "CVE-2006-1864",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-04-26T18:06:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19869"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/20237"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/20398"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/20671"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/20716"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/20914"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21035"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21476"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21614"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/21745"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/22497"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/22875"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/23064"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1097"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1103"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:150"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:151"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2006-05-31.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/25067"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0493.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0579.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0580.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0710.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/17735"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2006/0026"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-302-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/2554"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/4502"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189435"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26137"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19869"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20237"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20671"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20716"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21035"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21476"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21614"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21745"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22497"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/23064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1097"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1103"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:150"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:151"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006-05-31.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/25067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0493.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0579.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0580.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0710.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17735"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2006/0026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-302-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/2554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/4502"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189435"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26137"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11327"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-FMC8-HP9Q-FHJ5

Vulnerability from github – Published: 2022-05-01 06:53 – Updated: 2022-05-01 06:53

Details

Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1863.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-1864"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-04-26T18:06:00Z",
    "severity": "MODERATE"
  },
  "details": "Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via \"..\\\\\" sequences, a similar vulnerability to CVE-2006-1863.",
  "id": "GHSA-fmc8-hp9q-fhj5",
  "modified": "2022-05-01T06:53:37Z",
  "published": "2022-05-01T06:53:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1864"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189435"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26137"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11327"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19869"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20237"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20398"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20671"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20716"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20914"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21035"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21476"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21614"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21745"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22497"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22875"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/23064"
    },
    {
      "type": "WEB",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm"
    },
    {
      "type": "WEB",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-1097"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-1103"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:150"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:151"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2006-05-31.html"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/25067"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0493.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0579.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0580.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0710.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/17735"
    },
    {
      "type": "WEB",
      "url": "http://www.trustix.org/errata/2006/0026"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-302-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/2554"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/4502"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-1864 (GCVE-0-2006-1864)

CERTA-2006-AVI-354

Description

Solution

CERTA-2006-AVI-501

Description

Solution

GSD-2006-1864

FKIE_CVE-2006-1864

GHSA-FMC8-HP9Q-FHJ5

Tags

Sightings

Nomenclature