cvelistv5 - CVE-2006-6385

CVE-2006-6385 (GCVE-0-2006-6385)

Vulnerability from cvelistv5

Published

2006-12-08 01:00

Modified

2024-08-07 20:26

Severity ?

CWE

Summary

References

URL

Tags

cve@mitre.org	http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html
cve@mitre.org	http://research.eeye.com/html/advisories/published/AD20061207.html
cve@mitre.org	http://research.eeye.com/html/advisories/upcoming/20060710.html
cve@mitre.org	http://secunia.com/advisories/23221	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/2007
cve@mitre.org	http://securitytracker.com/id?1017346
cve@mitre.org	http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html
cve@mitre.org	http://www.intel.com/support/network/sb/CS-023726.htm	Patch
cve@mitre.org	http://www.kb.cert.org/vuls/id/296681	US Government Resource
cve@mitre.org	http://www.securityfocus.com/archive/1/453852/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/21456
cve@mitre.org	http://www.vupen.com/english/advisories/2006/4871
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/30750
af854a3a-2127-422b-91ae-364da2661108	http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html
af854a3a-2127-422b-91ae-364da2661108	http://research.eeye.com/html/advisories/published/AD20061207.html
af854a3a-2127-422b-91ae-364da2661108	http://research.eeye.com/html/advisories/upcoming/20060710.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23221	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/2007
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1017346
af854a3a-2127-422b-91ae-364da2661108	http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html
af854a3a-2127-422b-91ae-364da2661108	http://www.intel.com/support/network/sb/CS-023726.htm	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/296681	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/453852/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/21456
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/4871
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/30750

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:26:46.044Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "intel-lan-driver-bo(30750)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30750"
          },
          {
            "name": "21456",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/21456"
          },
          {
            "name": "2007",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/2007"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://research.eeye.com/html/advisories/upcoming/20060710.html"
          },
          {
            "name": "[freebsd-security] 20061206 Intel LAN Driver Buffer Overflow Local Privilege Escalation",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.intel.com/support/network/sb/CS-023726.htm"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://research.eeye.com/html/advisories/published/AD20061207.html"
          },
          {
            "name": "ADV-2006-4871",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4871"
          },
          {
            "name": "VU#296681",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/296681"
          },
          {
            "name": "23221",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23221"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html"
          },
          {
            "name": "20061207 EEYE: Intel Network Adapter Driver Local Privilege Escalation",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/453852/100/0/threaded"
          },
          {
            "name": "1017346",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017346"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-12-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with \"kernel-level\" privileges via an incorrect function call in certain OID handlers."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "intel-lan-driver-bo(30750)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30750"
        },
        {
          "name": "21456",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/21456"
        },
        {
          "name": "2007",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/2007"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://research.eeye.com/html/advisories/upcoming/20060710.html"
        },
        {
          "name": "[freebsd-security] 20061206 Intel LAN Driver Buffer Overflow Local Privilege Escalation",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.intel.com/support/network/sb/CS-023726.htm"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://research.eeye.com/html/advisories/published/AD20061207.html"
        },
        {
          "name": "ADV-2006-4871",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4871"
        },
        {
          "name": "VU#296681",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/296681"
        },
        {
          "name": "23221",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23221"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html"
        },
        {
          "name": "20061207 EEYE: Intel Network Adapter Driver Local Privilege Escalation",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/453852/100/0/threaded"
        },
        {
          "name": "1017346",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017346"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-6385",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with \"kernel-level\" privileges via an incorrect function call in certain OID handlers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "intel-lan-driver-bo(30750)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30750"
            },
            {
              "name": "21456",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/21456"
            },
            {
              "name": "2007",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/2007"
            },
            {
              "name": "http://research.eeye.com/html/advisories/upcoming/20060710.html",
              "refsource": "MISC",
              "url": "http://research.eeye.com/html/advisories/upcoming/20060710.html"
            },
            {
              "name": "[freebsd-security] 20061206 Intel LAN Driver Buffer Overflow Local Privilege Escalation",
              "refsource": "MLIST",
              "url": "http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html"
            },
            {
              "name": "http://www.intel.com/support/network/sb/CS-023726.htm",
              "refsource": "CONFIRM",
              "url": "http://www.intel.com/support/network/sb/CS-023726.htm"
            },
            {
              "name": "http://research.eeye.com/html/advisories/published/AD20061207.html",
              "refsource": "MISC",
              "url": "http://research.eeye.com/html/advisories/published/AD20061207.html"
            },
            {
              "name": "ADV-2006-4871",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4871"
            },
            {
              "name": "VU#296681",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/296681"
            },
            {
              "name": "23221",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23221"
            },
            {
              "name": "http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html",
              "refsource": "CONFIRM",
              "url": "http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html"
            },
            {
              "name": "20061207 EEYE: Intel Network Adapter Driver Local Privilege Escalation",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/453852/100/0/threaded"
            },
            {
              "name": "1017346",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017346"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-6385",
    "datePublished": "2006-12-08T01:00:00",
    "dateReserved": "2006-12-07T00:00:00",
    "dateUpdated": "2024-08-07T20:26:46.044Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-6385\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-12-08T01:28:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with \\\"kernel-level\\\" privileges via an incorrect function call in certain OID handlers.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de buffer basado en pila en controladores de adaptador de red Intel PRO 10/100, PRO/1000 y PRO/10GbE PCI, PCI-X y PCIe (tambi\u00e9n conocido como controladores miniport NDIS) en versiones anteriores a 20061205 permite a usuarios locales ejecutar c\u00f3digo arbitrario con privilegios \\\"kernel-level\\\" a trav\u00e9s de una llamada a una funci\u00f3n incorrecta en ciertos manejadores OID.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pro_10_100_adapters:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.5.14\",\"matchCriteriaId\":\"FBA8273D-2CEB-49CB-9E1A-674D9EE47C62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pro_10_100_adapters:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.0.3\",\"matchCriteriaId\":\"D5B30BDD-F48F-4045-BD35-2AA6285A51DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pro_10_100_adapters:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.0.27.0\",\"matchCriteriaId\":\"6525A086-3048-4FAB-BB7A-0DC5DFE7F4F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pro_1000_adapters:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.2.7\",\"matchCriteriaId\":\"BBD46EB1-FFCE-4A82-8317-0ADB45046ECD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pro_1000_adapters:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.7.1.0\",\"matchCriteriaId\":\"BB4B7746-9EA9-4F5C-B2FF-9175C2621683\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pro_1000_adapters:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"9.0.15\",\"matchCriteriaId\":\"5518B5CD-9438-4C71-B312-C48621910123\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pro_1000_pcie_adapters:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"9.1.30.0\",\"matchCriteriaId\":\"81471081-ECED-4425-9E0E-7CCCF613CE7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pro_10gbe_adapters:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.109\",\"matchCriteriaId\":\"AB2D2ABA-5F2C-4BC9-8484-06E330E833C1\"}]}]}],\"references\":[{\"url\":\"http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://research.eeye.com/html/advisories/published/AD20061207.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://research.eeye.com/html/advisories/upcoming/20060710.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/23221\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/2007\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1017346\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.intel.com/support/network/sb/CS-023726.htm\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/296681\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/archive/1/453852/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/21456\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/4871\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/30750\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://research.eeye.com/html/advisories/published/AD20061207.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://research.eeye.com/html/advisories/upcoming/20060710.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/23221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/2007\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1017346\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.intel.com/support/network/sb/CS-023726.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/296681\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/archive/1/453852/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/21456\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/4871\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/30750\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Not Vulnerable.\\neEye Research advisory AD20061207 (Intel Network Adapter Driver Local Privilege  Escalation) describes a flaw in the Linux Kernel drivers for the e100, e1000, and ixgb Intel network cards. The flaw affects the NDIS miniport drivers and its OID support. The Linux Kernel drivers do not support the NDIS API and the OID concept from Microsoft Windows.\",\"lastModified\":\"2006-12-08T00:00:00\"}]}}"
  }
}

ghsa-mmm9-jr3w-fmg8

Vulnerability from github

Published

2022-05-01 07:37

Modified

2022-05-01 07:37

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-6385"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-12-08T01:28:00Z",
    "severity": "HIGH"
  },
  "details": "Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with \"kernel-level\" privileges via an incorrect function call in certain OID handlers.",
  "id": "GHSA-mmm9-jr3w-fmg8",
  "modified": "2022-05-01T07:37:23Z",
  "published": "2022-05-01T07:37:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-6385"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30750"
    },
    {
      "type": "WEB",
      "url": "http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html"
    },
    {
      "type": "WEB",
      "url": "http://research.eeye.com/html/advisories/published/AD20061207.html"
    },
    {
      "type": "WEB",
      "url": "http://research.eeye.com/html/advisories/upcoming/20060710.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/23221"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/2007"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1017346"
    },
    {
      "type": "WEB",
      "url": "http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html"
    },
    {
      "type": "WEB",
      "url": "http://www.intel.com/support/network/sb/CS-023726.htm"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/296681"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/453852/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/21456"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/4871"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with "kernel-level" privileges via an incorrect function call in certain OID handlers. Intel PRO Ethernet The driver contains a buffer overflow vulnerability. This can lead to arbitrary code execution on the local machine.A local user may execute arbitrary code with system privileges on the local machine. An attacker can trigger this issue to corrupt memory and to execute code with kernel-level privileges. A successful attack can result in a complete compromise of the affected computer due to privilege escalation. All PCI, PCI-X, and PCIe Intel network adapter drivers are vulnerable. Intel Pro 100/1000 is a series of network card devices launched by Intel. Although the NDIS miniport driver occupies a low level, unprivileged userland code can still communicate with the driver through NIC statistics requests that need to be implemented by NDIS. If an attacker can send an IOCTL_NDIS_QUERY_SELECTED_STATS (0x17000E) request to \Device{adapterguid}, it will cause NDIS.SYS to call the QueryInformationHandler routine registered by the miniport driver when calling NdisMRegisterMiniport. The input buffer provided by this IOCTL is a list of 32-bit OIDs related to statistics, each of which is passed independently to the QueryInformationHandler, which contains the code required to retrieve the statistics and return them to the output buffer. Under Windows 2000, pointers to user-supplied buffers are passed directly to the miniport driver, which means the data is user-controllable. Under Windows XP and later versions, the pointer is transferred to a temporary buffer containing undefined data in the kernel memory, so the pool memory must be controlled before the attack to control the above data. A processor with OID 0xFF0203FC copies the output buffer's string to a stack variable using the following strcpy operation: strcpy(&(var_1D4.sz_62), (char*)InformationBuffer + 4) Thus, an attacker can String causes the processor to completely overwrite the return address of the function, redirecting execution flow to an arbitrary user-mode or kernel-mode address. The attack string must be at offset +0x0C in the output buffer, as NDIS itself uses the first 8 bytes.

To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.

The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.

This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links

Read the full description: http://corporate.secunia.com/products/48/?r=l

Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l

TITLE: Intel LAN Driver Unspecified Privilege Escalation Vulnerability

SECUNIA ADVISORY ID: SA23221

VERIFY ADVISORY: http://secunia.com/advisories/23221/

CRITICAL: Less critical

IMPACT: Privilege escalation

WHERE: Local system

SOFTWARE: Intel PRO 10/100 Adapters (Linux) 3.x http://secunia.com/product/12824/ Intel PRO 10/100 Adapters (UnixWare/SCO6) 4.x http://secunia.com/product/12827/ Intel PRO 10/100 Adapters (Windows) 8.x http://secunia.com/product/12821/ Intel PRO/1000 Adapters (Linux) 7.x http://secunia.com/product/12825/ Intel PRO/1000 Adapters (UnixWare/SCO6) 9.x http://secunia.com/product/12828/ Intel PRO/1000 Adapters (Windows) 8.x http://secunia.com/product/12822/ Intel PRO/1000 PCIe Adapters (Windows) 9.x http://secunia.com/product/12823/ Intel PRO/10GbE Adapters (Linux) 1.x http://secunia.com/product/12826/

DESCRIPTION: A vulnerability has been reported in Intel LAN drivers, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to an unspecified error and can be exploited to cause a buffer overflow by using certain function calls incorrectly.

SOLUTION: Apply patches (see the vendor's advisory for details).

PROVIDED AND/OR DISCOVERED BY: The vendor credits eEye Digital Security.

ORIGINAL ADVISORY: Intel: http://www.intel.com/support/network/sb/CS-023726.htm

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200612-0565",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "pro 10 100 adapters",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3.5.14"
      },
      {
        "model": "pro 1000 adapters",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7.2.7"
      },
      {
        "model": "pro 1000 adapters",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8.7.1.0"
      },
      {
        "model": "pro 10 100 adapters",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8.0.27.0"
      },
      {
        "model": "pro 10 100 adapters",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4.0.3"
      },
      {
        "model": "pro 1000 pcie adapters",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "intel",
        "version": "9.1.30.0"
      },
      {
        "model": "pro 10gbe adapters",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1.0.109"
      },
      {
        "model": "pro 1000 adapters",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "intel",
        "version": "9.0.15"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "pcie pro/1000",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "intel",
        "version": "9.0.15.0 from  9.1.34.0"
      },
      {
        "model": "pro 10/100",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "intel",
        "version": "4.2.38.1 from  8.0.27.0"
      },
      {
        "model": "pro/1000",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "intel",
        "version": "6.2.21.0 from  8.7.1.0"
      },
      {
        "model": "vaio",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sony",
        "version": "( see the vendor information for type names. )"
      },
      {
        "model": "flora",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "220w(np3/np4/np7/np9)"
      },
      {
        "model": "flora",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "270gx(nw1/nw2/nw3)"
      },
      {
        "model": "flora",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "270hx(nw5)"
      },
      {
        "model": "flora",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "270w(nw6/nw7)"
      },
      {
        "model": "flora",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "330w(dg5/dg8)"
      },
      {
        "model": "flora",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "350w(de3/de4/de5/de7/de8/de9)"
      },
      {
        "model": "flora",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "bd100 a1/a3/b2/b3"
      },
      {
        "model": "ha8000 series",
        "scope": null,
        "trust": 0.8,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "prius air",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "k series: pcf-ar37k"
      },
      {
        "model": "prius air",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "pcf-ar35k"
      },
      {
        "model": "prius air",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "pcf-ar340"
      },
      {
        "model": "prius air",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "l series: pcf-ar37l"
      },
      {
        "model": "prius air",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "pcf-ar35l"
      },
      {
        "model": "prius air",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "m series: pcf-ar37m"
      },
      {
        "model": "prius air",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "pcf-ar35m"
      },
      {
        "model": "prius air",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "pcf-ar33m"
      },
      {
        "model": "prius air",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "n series: pcf-ar35n"
      },
      {
        "model": "prius air",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "pcf-ar33n"
      },
      {
        "model": "prius airnote",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "k series: pcf-an37kt"
      },
      {
        "model": "prius airnote",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "l series: pcf-an37lt"
      },
      {
        "model": "prius deck",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "l series: pcf-ds75l"
      },
      {
        "model": "prius deck",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "pcf-ds73l"
      },
      {
        "model": "prius deck",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "m series: pcf-ds75m"
      },
      {
        "model": "prius deck",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "pcf-ds73m"
      },
      {
        "model": "prius deck",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "n series: pcf-dh75n"
      },
      {
        "model": "prius deck",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "pcf-dh73n"
      },
      {
        "model": "prius deck",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "p series: pcf-dh75p2"
      },
      {
        "model": "prius deck",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "pcf-dh73p2"
      },
      {
        "model": "prius deck",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "pcf-dh74p2w"
      },
      {
        "model": "celsius work station",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "fujitsu",
        "version": "( see the vendor information for type names. )"
      },
      {
        "model": "fmv desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "fujitsu",
        "version": "series  ( see the vendor information for type names. )"
      },
      {
        "model": "fmv fa computer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "fujitsu",
        "version": "( see the vendor information for type names. )"
      },
      {
        "model": "fmv-deskpower",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "fujitsu",
        "version": "series  ( see the vendor information for type names. )"
      },
      {
        "model": "fmv-esprimo",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "fujitsu",
        "version": "series  ( see the vendor information for type names. )"
      },
      {
        "model": "fmv-lifebook",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "fujitsu",
        "version": "series  ( see the vendor information for type names. )"
      },
      {
        "model": "option card",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "fujitsu",
        "version": "(fmv lan driver  - refer to vendor information for details. )"
      },
      {
        "model": "pro/1000",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "intel",
        "version": "8.7.9.0"
      },
      {
        "model": "pro 1000 adapters",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "7.2.7"
      },
      {
        "model": "pro 10gbe adapters",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "1.0.109"
      },
      {
        "model": "pro 1000 pcie adapters",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "9.1.30.0"
      },
      {
        "model": "pro 1000 adapters",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "9.0.15"
      },
      {
        "model": "pro 1000 adapters",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "8.7.1.0"
      },
      {
        "model": "pro 10 100 adapters",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "3.5.14"
      },
      {
        "model": "pro 10 100 adapters",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "4.0.3"
      },
      {
        "model": "pro 10 100 adapters",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "8.0.27.0"
      },
      {
        "model": "pro/10gbe",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "1.0.109"
      },
      {
        "model": "pro/1000 pcie",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "9.1.30.0"
      },
      {
        "model": "pro/1000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "pro/1000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "9.0.15"
      },
      {
        "model": "pro/1000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "7.2.7"
      },
      {
        "model": "pro/1000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "8.7.1.0"
      },
      {
        "model": "pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "10/1004.0.3"
      },
      {
        "model": "pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "10/1003.5.14"
      },
      {
        "model": "pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "10/1008.0.27.0"
      },
      {
        "model": "pro/10gbe",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "1.0.119"
      },
      {
        "model": "pro/1000 pcie",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "9.6.31"
      },
      {
        "model": "pro/1000",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "7.2.17"
      },
      {
        "model": "pro/1000",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "9.2.6"
      },
      {
        "model": "pro/1000",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "7.3.15"
      },
      {
        "model": "pro",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "10/1004.0.4"
      },
      {
        "model": "pro",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "10/1003.5.17"
      },
      {
        "model": "pro",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "10/1008.0.43.0"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#296681"
      },
      {
        "db": "BID",
        "id": "21456"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000813"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-151"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6385"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/h:intel:pcie_pro_1000",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:intel:pro_10_100",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:intel:pro_1000",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:sony:vaio",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hitachi:flora",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hitachi:ha8000",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hitachi:prius_air",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hitachi:prius_airnote",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:hitachi:prius_deck",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:fujitsu:celsius_workstation",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:fujitsu:fmv_desktop",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:fujitsu:fmv_fa_personal_computer",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:fujitsu:fmv-deskpower",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:fujitsu:fmv-esprimo",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:fujitsu:fmv-lifebook",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:fujitsu:option_card",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000813"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Derek Soeder dsoeder@eeye.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-151"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-6385",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2006-6385",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-22493",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2006-6385",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#296681",
            "trust": 0.8,
            "value": "1.06"
          },
          {
            "author": "NVD",
            "id": "CVE-2006-6385",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200612-151",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-22493",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#296681"
      },
      {
        "db": "VULHUB",
        "id": "VHN-22493"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000813"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-151"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6385"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with \"kernel-level\" privileges via an incorrect function call in certain OID handlers. Intel PRO Ethernet The driver contains a buffer overflow vulnerability. This can lead to arbitrary code execution on the local machine.A local user may execute arbitrary code with system privileges on the local machine. \nAn attacker can trigger this issue to corrupt memory and to execute code with kernel-level privileges. \nA successful attack can result in a complete compromise of the affected computer due to privilege escalation. \nAll PCI, PCI-X, and PCIe Intel network adapter drivers are vulnerable. Intel Pro 100/1000 is a series of network card devices launched by Intel. Although the NDIS miniport driver occupies a low level, unprivileged userland code can still communicate with the driver through NIC statistics requests that need to be implemented by NDIS. If an attacker can send an IOCTL_NDIS_QUERY_SELECTED_STATS (0x17000E) request to \\Device\\{adapterguid}, it will cause NDIS.SYS to call the QueryInformationHandler routine registered by the miniport driver when calling NdisMRegisterMiniport. The input buffer provided by this IOCTL is a list of 32-bit OIDs related to statistics, each of which is passed independently to the QueryInformationHandler, which contains the code required to retrieve the statistics and return them to the output buffer. Under Windows 2000, pointers to user-supplied buffers are passed directly to the miniport driver, which means the data is user-controllable. Under Windows XP and later versions, the pointer is transferred to a temporary buffer containing undefined data in the kernel memory, so the pool memory must be controlled before the attack to control the above data. A processor with OID 0xFF0203FC copies the output buffer\u0027s string to a stack variable using the following strcpy operation: strcpy(\u0026(var_1D4.sz_62), (char*)InformationBuffer + 4) Thus, an attacker can String causes the processor to completely overwrite the return address of the function, redirecting execution flow to an arbitrary user-mode or kernel-mode address. The attack string must be at offset +0x0C in the output buffer, as NDIS itself uses the first 8 bytes. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\nIntel LAN Driver Unspecified Privilege Escalation Vulnerability\n\nSECUNIA ADVISORY ID:\nSA23221\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/23221/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nPrivilege escalation\n\nWHERE:\nLocal system\n\nSOFTWARE:\nIntel PRO 10/100 Adapters (Linux) 3.x\nhttp://secunia.com/product/12824/\nIntel PRO 10/100 Adapters (UnixWare/SCO6) 4.x\nhttp://secunia.com/product/12827/\nIntel PRO 10/100 Adapters (Windows) 8.x\nhttp://secunia.com/product/12821/\nIntel PRO/1000 Adapters (Linux) 7.x\nhttp://secunia.com/product/12825/\nIntel PRO/1000 Adapters (UnixWare/SCO6) 9.x\nhttp://secunia.com/product/12828/\nIntel PRO/1000 Adapters (Windows) 8.x\nhttp://secunia.com/product/12822/\nIntel PRO/1000 PCIe Adapters (Windows) 9.x\nhttp://secunia.com/product/12823/\nIntel PRO/10GbE Adapters (Linux) 1.x\nhttp://secunia.com/product/12826/\n\nDESCRIPTION:\nA vulnerability has been reported in Intel LAN drivers, which can be\nexploited by malicious, local users to gain escalated privileges. \n\nThe vulnerability is caused due to an unspecified error and can be\nexploited to cause a buffer overflow by using certain function calls\nincorrectly. \n\nSOLUTION:\nApply patches (see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits eEye Digital Security. \n\nORIGINAL ADVISORY:\nIntel:\nhttp://www.intel.com/support/network/sb/CS-023726.htm\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-6385"
      },
      {
        "db": "CERT/CC",
        "id": "VU#296681"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000813"
      },
      {
        "db": "BID",
        "id": "21456"
      },
      {
        "db": "VULHUB",
        "id": "VHN-22493"
      },
      {
        "db": "PACKETSTORM",
        "id": "52799"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SECUNIA",
        "id": "23221",
        "trust": 3.4
      },
      {
        "db": "CERT/CC",
        "id": "VU#296681",
        "trust": 3.3
      },
      {
        "db": "BID",
        "id": "21456",
        "trust": 2.8
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6385",
        "trust": 2.8
      },
      {
        "db": "SECTRACK",
        "id": "1017346",
        "trust": 2.5
      },
      {
        "db": "SREASON",
        "id": "2007",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-4871",
        "trust": 1.7
      },
      {
        "db": "XF",
        "id": "30750",
        "trust": 1.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000813",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-151",
        "trust": 0.7
      },
      {
        "db": "MLIST",
        "id": "[FREEBSD-SECURITY] 20061206 INTEL LAN DRIVER BUFFER OVERFLOW LOCAL PRIVILEGE ESCALATION",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20061207 EEYE: INTEL NETWORK ADAPTER DRIVER LOCAL PRIVILEGE ESCALATION",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-22493",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "52799",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#296681"
      },
      {
        "db": "VULHUB",
        "id": "VHN-22493"
      },
      {
        "db": "BID",
        "id": "21456"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000813"
      },
      {
        "db": "PACKETSTORM",
        "id": "52799"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-151"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6385"
      }
    ]
  },
  "id": "VAR-200612-0565",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-22493"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T22:46:56.734000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Network Connectivity - Intel LAN Driver Buffer Overflow Local Privilege Escalation",
        "trust": 0.8,
        "url": "http://www.intel.com/support/network/sb/CS-023726.htm"
      },
      {
        "title": "Network Connectivity - How to Determine the Driver Version for an Intel Network Adapter",
        "trust": 0.8,
        "url": "http://support.intel.com/support/network/sb/CS-023453.htm"
      },
      {
        "title": "INTEL-SA-00006",
        "trust": 0.8,
        "url": "http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00006\u0026languageid=en-fr"
      },
      {
        "title": "\u30b5\u30dd\u30fc\u30c8\u30da\u30fc\u30b8",
        "trust": 0.8,
        "url": "http://vcl.vaio.sony.co.jp/"
      },
      {
        "title": "\u300cEthernet Driver Ver.8.0.43.0\u300d\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u30d7\u30ed\u30b0\u30e9\u30e0",
        "trust": 0.8,
        "url": "http://vcl.vaio.sony.co.jp/download/SP-015317-00.html"
      },
      {
        "title": "\u300cEthernet Driver Ver.8.7.9.0\u300d\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u30d7\u30ed\u30b0\u30e9\u30e0",
        "trust": 0.8,
        "url": "http://vcl.vaio.sony.co.jp/download/SP-015318-00.html"
      },
      {
        "title": "\u300cEthernet Driver Ver.9.6.31.0\u300d\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u30d7\u30ed\u30b0\u30e9\u30e0",
        "trust": 0.8,
        "url": "http://vcl.vaio.sony.co.jp/download/SP-015318-01.html"
      },
      {
        "title": "\u30a4\u30f3\u30c6\u30ebR LAN \u30c9\u30e9\u30a4\u30d0\u30fc : \u30d0\u30c3\u30d5\u30a1\u30fc\u30fb\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u306b\u3088\u308b\u30ed\u30fc\u30ab\u30eb\u6a29\u9650\u306e\u6607\u683c",
        "trust": 0.8,
        "url": "http://www.intel.com/jp/support/network/sb/CS-023726.htm"
      },
      {
        "title": "\u3010\u91cd\u8981\u3011Inetl\u793e\u88fdLAN\u30c9\u30e9\u30a4\u30d0\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
        "trust": 0.8,
        "url": "http://www.hitachi.co.jp/Prod/comp/OSD/pc/ha/information/info070104.html"
      },
      {
        "title": "\u3010\u91cd\u8981\u3011 Intel\u793e\u88fdLAN\u30c9\u30e9\u30a4\u30d0\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
        "trust": 0.8,
        "url": "http://www.hitachi.co.jp/Prod/comp/OSD/pc/flora/information/info0701051.html"
      },
      {
        "title": "Intel\u793e\u88fdLAN\u30c9\u30e9\u30a4\u30d0\u306e\u8106\u5f31\u6027\u306b\u95a2\u3057\u3066",
        "trust": 0.8,
        "url": "http://prius.jeevessolutions.jp/je/faq.asp?fid=104034"
      },
      {
        "title": "[\u7dca\u6025] Intel\u793e\u88fdLAN\u30c9\u30e9\u30a4\u30d0\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
        "trust": 0.8,
        "url": "http://www.fmworld.net/biz/common/intel/lan-driver/"
      },
      {
        "title": "VU#296681",
        "trust": 0.8,
        "url": "http://software.fujitsu.com/jp/security/vulnerabilities/vu296681.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000813"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-6385"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.9,
        "url": "http://www.intel.com/support/network/sb/cs-023726.htm"
      },
      {
        "trust": 2.5,
        "url": "http://research.eeye.com/html/advisories/published/ad20061207.html"
      },
      {
        "trust": 2.5,
        "url": "http://research.eeye.com/html/advisories/upcoming/20060710.html"
      },
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/21456"
      },
      {
        "trust": 2.5,
        "url": "http://www.kb.cert.org/vuls/id/296681"
      },
      {
        "trust": 2.5,
        "url": "http://securitytracker.com/id?1017346"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/23221"
      },
      {
        "trust": 1.7,
        "url": "http://lists.freebsd.org/pipermail/freebsd-security/2006-december/004186.html"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/2007"
      },
      {
        "trust": 1.4,
        "url": "http://xforce.iss.net/xforce/xfdb/30750"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/453852/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2006/4871"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30750"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/23221/"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6385"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu%23296681/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-6385"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2006/4871"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/453852/100/0/threaded"
      },
      {
        "trust": 0.3,
        "url": "http://support.intel.com/support/network/sb/cs-006120.htm"
      },
      {
        "trust": 0.3,
        "url": "http://support.intel.com/support/network/sb/cs-006103.htm"
      },
      {
        "trust": 0.3,
        "url": "http://support.intel.com/support/network/adapter/pro100/sb/cs-008402.htm"
      },
      {
        "trust": 0.3,
        "url": "http://www-307.ibm.com/pc/support/site.wss/document.do?lndocid=migr-67116"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/453852"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12822/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12821/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12825/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12828/"
      },
      {
        "trust": 0.1,
        "url": "http://corporate.secunia.com/products/48/?r=l"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12826/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12827/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12824/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12823/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#296681"
      },
      {
        "db": "VULHUB",
        "id": "VHN-22493"
      },
      {
        "db": "BID",
        "id": "21456"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000813"
      },
      {
        "db": "PACKETSTORM",
        "id": "52799"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-151"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6385"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#296681"
      },
      {
        "db": "VULHUB",
        "id": "VHN-22493"
      },
      {
        "db": "BID",
        "id": "21456"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000813"
      },
      {
        "db": "PACKETSTORM",
        "id": "52799"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-151"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6385"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-12-18T00:00:00",
        "db": "CERT/CC",
        "id": "VU#296681"
      },
      {
        "date": "2006-12-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-22493"
      },
      {
        "date": "2006-12-06T00:00:00",
        "db": "BID",
        "id": "21456"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-000813"
      },
      {
        "date": "2006-12-07T06:24:29",
        "db": "PACKETSTORM",
        "id": "52799"
      },
      {
        "date": "2006-12-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200612-151"
      },
      {
        "date": "2006-12-08T01:28:00",
        "db": "NVD",
        "id": "CVE-2006-6385"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-01-19T00:00:00",
        "db": "CERT/CC",
        "id": "VU#296681"
      },
      {
        "date": "2018-10-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-22493"
      },
      {
        "date": "2008-05-06T22:45:00",
        "db": "BID",
        "id": "21456"
      },
      {
        "date": "2007-06-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-000813"
      },
      {
        "date": "2006-12-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200612-151"
      },
      {
        "date": "2024-11-21T00:22:33.473000",
        "db": "NVD",
        "id": "CVE-2006-6385"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "21456"
      },
      {
        "db": "PACKETSTORM",
        "id": "52799"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-151"
      }
    ],
    "trust": 1.0
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel network drivers privilege escalation vulnerability",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#296681"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-151"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2006-6385

Vulnerability from fkie_nvd

Published

2006-12-08 01:28

Modified

2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html
cve@mitre.org	http://research.eeye.com/html/advisories/published/AD20061207.html
cve@mitre.org	http://research.eeye.com/html/advisories/upcoming/20060710.html
cve@mitre.org	http://secunia.com/advisories/23221	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/2007
cve@mitre.org	http://securitytracker.com/id?1017346
cve@mitre.org	http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html
cve@mitre.org	http://www.intel.com/support/network/sb/CS-023726.htm	Patch
cve@mitre.org	http://www.kb.cert.org/vuls/id/296681	US Government Resource
cve@mitre.org	http://www.securityfocus.com/archive/1/453852/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/21456
cve@mitre.org	http://www.vupen.com/english/advisories/2006/4871
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/30750
af854a3a-2127-422b-91ae-364da2661108	http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html
af854a3a-2127-422b-91ae-364da2661108	http://research.eeye.com/html/advisories/published/AD20061207.html
af854a3a-2127-422b-91ae-364da2661108	http://research.eeye.com/html/advisories/upcoming/20060710.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23221	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/2007
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1017346
af854a3a-2127-422b-91ae-364da2661108	http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html
af854a3a-2127-422b-91ae-364da2661108	http://www.intel.com/support/network/sb/CS-023726.htm	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/296681	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/453852/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/21456
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/4871
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/30750

Impacted products

Vendor	Product	Version
intel	pro_10_100_adapters	*
intel	pro_10_100_adapters	*
intel	pro_10_100_adapters	*
intel	pro_1000_adapters	*
intel	pro_1000_adapters	*
intel	pro_1000_adapters	*
intel	pro_1000_pcie_adapters	*
intel	pro_10gbe_adapters	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:pro_10_100_adapters:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA8273D-2CEB-49CB-9E1A-674D9EE47C62",
              "versionEndIncluding": "3.5.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:pro_10_100_adapters:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B30BDD-F48F-4045-BD35-2AA6285A51DB",
              "versionEndIncluding": "4.0.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:pro_10_100_adapters:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6525A086-3048-4FAB-BB7A-0DC5DFE7F4F0",
              "versionEndIncluding": "8.0.27.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:pro_1000_adapters:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBD46EB1-FFCE-4A82-8317-0ADB45046ECD",
              "versionEndIncluding": "7.2.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:pro_1000_adapters:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB4B7746-9EA9-4F5C-B2FF-9175C2621683",
              "versionEndIncluding": "8.7.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:pro_1000_adapters:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5518B5CD-9438-4C71-B312-C48621910123",
              "versionEndIncluding": "9.0.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:pro_1000_pcie_adapters:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81471081-ECED-4425-9E0E-7CCCF613CE7B",
              "versionEndIncluding": "9.1.30.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:intel:pro_10gbe_adapters:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB2D2ABA-5F2C-4BC9-8484-06E330E833C1",
              "versionEndIncluding": "1.0.109",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with \"kernel-level\" privileges via an incorrect function call in certain OID handlers."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer basado en pila en controladores de adaptador de red Intel PRO 10/100, PRO/1000 y PRO/10GbE PCI, PCI-X y PCIe (tambi\u00e9n conocido como controladores miniport NDIS) en versiones anteriores a 20061205 permite a usuarios locales ejecutar c\u00f3digo arbitrario con privilegios \"kernel-level\" a trav\u00e9s de una llamada a una funci\u00f3n incorrecta en ciertos manejadores OID."
    }
  ],
  "id": "CVE-2006-6385",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-12-08T01:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://research.eeye.com/html/advisories/published/AD20061207.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://research.eeye.com/html/advisories/upcoming/20060710.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23221"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/2007"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017346"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.intel.com/support/network/sb/CS-023726.htm"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/296681"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/453852/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/21456"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/4871"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30750"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://research.eeye.com/html/advisories/published/AD20061207.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://research.eeye.com/html/advisories/upcoming/20060710.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23221"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/2007"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017346"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.intel.com/support/network/sb/CS-023726.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/296681"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/453852/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/21456"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/4871"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30750"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not Vulnerable.\neEye Research advisory AD20061207 (Intel Network Adapter Driver Local Privilege  Escalation) describes a flaw in the Linux Kernel drivers for the e100, e1000, and ixgb Intel network cards. The flaw affects the NDIS miniport drivers and its OID support. The Linux Kernel drivers do not support the NDIS API and the OID concept from Microsoft Windows.",
      "lastModified": "2006-12-08T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2006-6385

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2006-6385

Aliases

CVE-2006-6385

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-6385",
    "description": "Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with \"kernel-level\" privileges via an incorrect function call in certain OID handlers.",
    "id": "GSD-2006-6385",
    "references": [
      "https://www.suse.com/security/cve/CVE-2006-6385.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-6385"
      ],
      "details": "Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with \"kernel-level\" privileges via an incorrect function call in certain OID handlers.",
      "id": "GSD-2006-6385",
      "modified": "2023-12-13T01:19:54.469323Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-6385",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with \"kernel-level\" privileges via an incorrect function call in certain OID handlers."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "intel-lan-driver-bo(30750)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30750"
          },
          {
            "name": "21456",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/21456"
          },
          {
            "name": "2007",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/2007"
          },
          {
            "name": "http://research.eeye.com/html/advisories/upcoming/20060710.html",
            "refsource": "MISC",
            "url": "http://research.eeye.com/html/advisories/upcoming/20060710.html"
          },
          {
            "name": "[freebsd-security] 20061206 Intel LAN Driver Buffer Overflow Local Privilege Escalation",
            "refsource": "MLIST",
            "url": "http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html"
          },
          {
            "name": "http://www.intel.com/support/network/sb/CS-023726.htm",
            "refsource": "CONFIRM",
            "url": "http://www.intel.com/support/network/sb/CS-023726.htm"
          },
          {
            "name": "http://research.eeye.com/html/advisories/published/AD20061207.html",
            "refsource": "MISC",
            "url": "http://research.eeye.com/html/advisories/published/AD20061207.html"
          },
          {
            "name": "ADV-2006-4871",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/4871"
          },
          {
            "name": "VU#296681",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/296681"
          },
          {
            "name": "23221",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/23221"
          },
          {
            "name": "http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html",
            "refsource": "CONFIRM",
            "url": "http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html"
          },
          {
            "name": "20061207 EEYE: Intel Network Adapter Driver Local Privilege Escalation",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/453852/100/0/threaded"
          },
          {
            "name": "1017346",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1017346"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:intel:pro_1000_adapters:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.0.15",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:pro_1000_pcie_adapters:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.1.30.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:pro_10_100_adapters:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.0.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:pro_10_100_adapters:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.0.27.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:pro_10_100_adapters:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.5.14",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:pro_10gbe_adapters:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.0.109",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:pro_1000_adapters:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.2.7",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:intel:pro_1000_adapters:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.7.1.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-6385"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with \"kernel-level\" privileges via an incorrect function call in certain OID handlers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://research.eeye.com/html/advisories/upcoming/20060710.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://research.eeye.com/html/advisories/upcoming/20060710.html"
            },
            {
              "name": "http://www.intel.com/support/network/sb/CS-023726.htm",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://www.intel.com/support/network/sb/CS-023726.htm"
            },
            {
              "name": "23221",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/23221"
            },
            {
              "name": "[freebsd-security] 20061206 Intel LAN Driver Buffer Overflow Local Privilege Escalation",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://lists.freebsd.org/pipermail/freebsd-security/2006-December/004186.html"
            },
            {
              "name": "http://research.eeye.com/html/advisories/published/AD20061207.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://research.eeye.com/html/advisories/published/AD20061207.html"
            },
            {
              "name": "21456",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/21456"
            },
            {
              "name": "1017346",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1017346"
            },
            {
              "name": "VU#296681",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/296681"
            },
            {
              "name": "2007",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/2007"
            },
            {
              "name": "ADV-2006-4871",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/4871"
            },
            {
              "name": "http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.fujitsu.com/global/support/software/security/products-f/primergy-200701e.html"
            },
            {
              "name": "intel-lan-driver-bo(30750)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30750"
            },
            {
              "name": "20061207 EEYE: Intel Network Adapter Driver Local Privilege Escalation",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/453852/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-17T21:48Z",
      "publishedDate": "2006-12-08T01:28Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2006-6385 (GCVE-0-2006-6385)

Vulnerability from cvelistv5

ghsa-mmm9-jr3w-fmg8

Vulnerability from github

var-200612-0565

Vulnerability from variot

fkie_cve-2006-6385

Vulnerability from fkie_nvd

gsd-2006-6385

Vulnerability from gsd

Tags

Sightings

Nomenclature