CVE-2006-4307

Properties

Published:
22.08.2006
Updated:
30.03.2007
Patch available:
Severity:
High
CVSS vector:
(AV:L/AC:L/Au:NR/C:C/I:C/A:C/B:N)
Product:
Sun: Solaris
Sun: Solaris
Sun: Solaris
Sun: Solaris

Vulnerability description

Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than CVE-2006-4306 and CVE-2006-4319.

References:

SUNALERT: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102514-1
BID: http://www.securityfocus.com/bid/19647
SECTRACK: http://securitytracker.com/id?1016726
FRSIRT: http://www.frsirt.com/english/advisories/2006/3355
SECUNIA: http://secunia.com/advisories/21581
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm: http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
SECUNIA: http://secunia.com/advisories/22295