CVE-2006-5452
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
23/10/2006
Last modified:
17/10/2018
Description
Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
Impact
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:* | ||
cpe:2.3:o:hp:hp-ux:11.4:*:*:*:*:*:*:* | ||
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:* | ||
cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:* | ||
cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:* | ||
cpe:2.3:o:hp:tru64:4.0f:*:*:*:*:*:*:* | ||
cpe:2.3:o:hp:tru64:4.0f:pk8:*:*:*:*:*:* | ||
cpe:2.3:o:hp:tru64:4.0g:*:*:*:*:*:*:* | ||
cpe:2.3:o:hp:tru64:4.0g:pk4:*:*:*:*:*:* | ||
cpe:2.3:o:hp:tru64:5.0a:*:*:*:*:*:*:* | ||
cpe:2.3:o:hp:tru64:5.1:*:*:*:*:*:*:* | ||
cpe:2.3:o:hp:tru64:5.1a:*:*:*:*:*:*:* | ||
cpe:2.3:o:hp:tru64:5.1a:pk6:*:*:*:*:*:* | ||
cpe:2.3:o:hp:tru64:5.1af:*:*:*:*:*:*:* | ||
cpe:2.3:o:hp:tru64:5.1b:pk1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091
- http://secunia.com/advisories/22451
- http://secunia.com/advisories/22528
- http://securitytracker.com/id?1017083=
- http://securitytracker.com/id?1017098=
- http://securitytracker.com/id?1017099=
- http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt
- http://www.securityfocus.com/archive/1/449321/100/0/threaded
- http://www.securityfocus.com/bid/20580
- http://www.vupen.com/english/advisories/2006/4139
- http://www.vupen.com/english/advisories/2006/4140
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29644
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175