Vulnerability-Lookup

CVE-2006-5005 (GCVE-0-2006-5005)

Vulnerability from cvelistv5 – Published: 2006-09-27 01:00 – Updated: 2024-08-07 19:32

Summary

Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login.

Severity

No CVSS data available.

CWE

Assigner

mitre

References

8 references

URL	Tags
http://www-1.ibm.com/support/docview.wss?uid=isg1…	vendor-advisoryx_refsource_AIXAPAR
http://www-1.ibm.com/support/docview.wss?uid=isg1…	vendor-advisoryx_refsource_AIXAPAR
http://securitytracker.com/id?1016918	vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/22111	third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
http://www.vupen.com/english/advisories/2006/3770	vdb-entryx_refsource_VUPEN
http://www.securityfocus.com/bid/20191	vdb-entryx_refsource_BID
ftp://aix.software.ibm.com/aix/efixes/security/README	x_refsource_CONFIRM

Date Public

2006-09-15 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:32:22.961Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IY88566",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566"
          },
          {
            "name": "IY88615",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615"
          },
          {
            "name": "1016918",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016918"
          },
          {
            "name": "22111",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22111"
          },
          {
            "name": "aix-login-privilege-escalation(29155)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29155"
          },
          {
            "name": "ADV-2006-3770",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3770"
          },
          {
            "name": "20191",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20191"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-09-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "IY88566",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566"
        },
        {
          "name": "IY88615",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615"
        },
        {
          "name": "1016918",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016918"
        },
        {
          "name": "22111",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22111"
        },
        {
          "name": "aix-login-privilege-escalation(29155)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29155"
        },
        {
          "name": "ADV-2006-3770",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3770"
        },
        {
          "name": "20191",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20191"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5005",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IY88566",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566"
            },
            {
              "name": "IY88615",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615"
            },
            {
              "name": "1016918",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016918"
            },
            {
              "name": "22111",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22111"
            },
            {
              "name": "aix-login-privilege-escalation(29155)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29155"
            },
            {
              "name": "ADV-2006-3770",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/3770"
            },
            {
              "name": "20191",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20191"
            },
            {
              "name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
              "refsource": "CONFIRM",
              "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-5005",
    "datePublished": "2006-09-27T01:00:00.000Z",
    "dateReserved": "2006-09-26T00:00:00.000Z",
    "dateUpdated": "2024-08-07T19:32:22.961Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2006-5005",
      "date": "2026-06-20",
      "epss": "0.00414",
      "percentile": "0.32968"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:5.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8A7DBFF-B11B-47EC-9E52-C12B156739D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:5.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6DE57C2-E728-4016-9774-28FB4B0509AB\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad no especificada en bos.net.tcp.client en IBM AIX 5.2.0 y 5.3.0 permite a usuarios locales ejecutar comandos de su elecci\\u00f3n mediante vectores no especificados implicando /etc/slip.login.\"}]",
      "id": "CVE-2006-5005",
      "lastModified": "2024-11-21T00:17:28.597",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2006-09-27T01:07:00.000",
      "references": "[{\"url\": \"ftp://aix.software.ibm.com/aix/efixes/security/README\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://secunia.com/advisories/22111\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1016918\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/20191\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/3770\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/29155\", \"source\": \"cve@mitre.org\"}, {\"url\": \"ftp://aix.software.ibm.com/aix/efixes/security/README\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://secunia.com/advisories/22111\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1016918\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/20191\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/3770\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/29155\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-5005\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-09-27T01:07:00.000\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en bos.net.tcp.client en IBM AIX 5.2.0 y 5.3.0 permite a usuarios locales ejecutar comandos de su elecci\u00f3n mediante vectores no especificados implicando /etc/slip.login.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:5.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8A7DBFF-B11B-47EC-9E52-C12B156739D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:5.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6DE57C2-E728-4016-9774-28FB4B0509AB\"}]}]}],\"references\":[{\"url\":\"ftp://aix.software.ibm.com/aix/efixes/security/README\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://secunia.com/advisories/22111\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1016918\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/20191\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/3770\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/29155\",\"source\":\"cve@mitre.org\"},{\"url\":\"ftp://aix.software.ibm.com/aix/efixes/security/README\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://secunia.com/advisories/22111\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1016918\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/20191\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/3770\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/29155\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2006-AVI-415

Vulnerability from certfr_avis - Published: - Updated:

None

Description

De multiples vulnérabilités ont été identifiées dans le système d'exploitation IBM AIX. Elles permettraient à un utilisateur malveillant local au système vulnérable d'élever ses privilèges à ceux de l'administrateur (root), voire de modifier des données ou de provoquer un déni de service. Parmi ces vulnérabilités :

la commande mkvg ne faisant pas appel aux chemins absolus vers certaines fonctions ;
une erreur non précisée dans named8, un serveur de noms de domaines DNS ;
une mauvaise manipulation des fichiers par la commande rdist, servant à distribuer des copies de fichiers à plusieurs hôtes ;
une mauvaise manipulation de la base de données par l'utilitaire Inventory Scout, permettant de lister entre autres les éléments matériels du système ;
une erreur non précisée dans la commande utape associée au mode Diagnostics ;
une mauvaise manipulation des paramètres fournis à la commande cfgmgr, pouvant provoquer un débordement de mémoire ;
une erreur non précisée dans xlock, commande qui permet de verrouiller l'écran, et pouvant être exploitée pour provoquer un débordement de tampon et exécuter des commandes avec les droits de l'administrateur.

Solution

Se référer aux différents bulletins de sécurité d'IBM pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	IBM	AIX	IBM AIX 5.3.0
	IBM	AIX	IBM AIX 5.2.0

References

Title

Publication Time

CERTA-2006-AVI-415

Vulnerability from certfr_avis - Published: - Updated:

None

Description

la commande mkvg ne faisant pas appel aux chemins absolus vers certaines fonctions ;
une erreur non précisée dans named8, un serveur de noms de domaines DNS ;
une mauvaise manipulation des fichiers par la commande rdist, servant à distribuer des copies de fichiers à plusieurs hôtes ;
une mauvaise manipulation de la base de données par l'utilitaire Inventory Scout, permettant de lister entre autres les éléments matériels du système ;
une erreur non précisée dans la commande utape associée au mode Diagnostics ;
une mauvaise manipulation des paramètres fournis à la commande cfgmgr, pouvant provoquer un débordement de mémoire ;
une erreur non précisée dans xlock, commande qui permet de verrouiller l'écran, et pouvant être exploitée pour provoquer un débordement de tampon et exécuter des commandes avec les droits de l'administrateur.

Solution

Se référer aux différents bulletins de sécurité d'IBM pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	IBM	AIX	IBM AIX 5.3.0
	IBM	AIX	IBM AIX 5.2.0

References

Title

Publication Time

FKIE_CVE-2006-5005

Vulnerability from fkie_nvd - Published: 2006-09-27 01:07 - Updated: 2026-06-16 22:30

Severity

Summary

Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login.

References

URL	Tags
cve@mitre.org	ftp://aix.software.ibm.com/aix/efixes/security/README	Patch
cve@mitre.org	http://secunia.com/advisories/22111	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1016918
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615
cve@mitre.org	http://www.securityfocus.com/bid/20191	Patch, Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2006/3770
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/29155
af854a3a-2127-422b-91ae-364da2661108	ftp://aix.software.ibm.com/aix/efixes/security/README	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22111	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016918
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/20191	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3770
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/29155

Impacted products

	Vendor	Product	Version
	ibm	aix	5.2.0
	ibm	aix	5.3.0

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "source": "cve@mitre.org"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:aix:5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8A7DBFF-B11B-47EC-9E52-C12B156739D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6DE57C2-E728-4016-9774-28FB4B0509AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en bos.net.tcp.client en IBM AIX 5.2.0 y 5.3.0 permite a usuarios locales ejecutar comandos de su elecci\u00f3n mediante vectores no especificados implicando /etc/slip.login."
    }
  ],
  "id": "CVE-2006-5005",
  "lastModified": "2026-06-16T22:30:17.630",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-09-27T01:07:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22111"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016918"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/20191"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/3770"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29155"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016918"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/20191"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3770"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29155"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-J9F9-QX28-XR8W

Vulnerability from github – Published: 2022-05-03 03:16 – Updated: 2022-05-03 03:16

Details

Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-5005"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-09-27T01:07:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login.",
  "id": "GHSA-j9f9-qx28-xr8w",
  "modified": "2022-05-03T03:16:35Z",
  "published": "2022-05-03T03:16:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-5005"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29155"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22111"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016918"
    },
    {
      "type": "WEB",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566"
    },
    {
      "type": "WEB",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/20191"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3770"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2006-5005

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login.

Aliases

CVE-2006-5005

Aliases

CVE-2006-5005

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-5005",
    "description": "Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login.",
    "id": "GSD-2006-5005"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-5005"
      ],
      "details": "Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login.",
      "id": "GSD-2006-5005",
      "modified": "2023-12-13T01:19:56.043466Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-5005",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "IY88566",
            "refsource": "AIXAPAR",
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566"
          },
          {
            "name": "IY88615",
            "refsource": "AIXAPAR",
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615"
          },
          {
            "name": "1016918",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016918"
          },
          {
            "name": "22111",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22111"
          },
          {
            "name": "aix-login-privilege-escalation(29155)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29155"
          },
          {
            "name": "ADV-2006-3770",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/3770"
          },
          {
            "name": "20191",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/20191"
          },
          {
            "name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
            "refsource": "CONFIRM",
            "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:5.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:5.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5005"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
            },
            {
              "name": "IY88566",
              "refsource": "AIXAPAR",
              "tags": [],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566"
            },
            {
              "name": "IY88615",
              "refsource": "AIXAPAR",
              "tags": [],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615"
            },
            {
              "name": "20191",
              "refsource": "BID",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.securityfocus.com/bid/20191"
            },
            {
              "name": "22111",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/22111"
            },
            {
              "name": "1016918",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016918"
            },
            {
              "name": "ADV-2006-3770",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/3770"
            },
            {
              "name": "aix-login-privilege-escalation(29155)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29155"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-20T01:33Z",
      "publishedDate": "2006-09-27T01:07Z"
    }
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-5005 (GCVE-0-2006-5005)

CERTA-2006-AVI-415

Description

Solution

CERTA-2006-AVI-415

Description

Solution

FKIE_CVE-2006-5005

GHSA-J9F9-QX28-XR8W

GSD-2006-5005

Tags

Sightings

Nomenclature