CVE-2006-5327 (GCVE-0-2006-5327)
Vulnerability from cvelistv5
Published
2006-10-17 21:00
Modified
2024-08-07 19:48
Severity ?
CWE
  • n/a
Summary
Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain TAR_OPTIONS environment variable settings, when gnutar is invoked by OpenBase.
References
cve@mitre.org http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html
cve@mitre.org http://secunia.com/advisories/22390 Patch, Vendor Advisory
cve@mitre.org http://secunia.com/advisories/22474 Patch, Vendor Advisory
cve@mitre.org http://secunia.com/advisories/27441
cve@mitre.org http://www.digitalmunition.com/DMA%5B2006-1016a%5D.txt
cve@mitre.org http://www.digitalmunition.com/Xcode_OpenBase_pwn.pl
cve@mitre.org http://www.securityfocus.com/bid/20562 Exploit
cve@mitre.org http://www.securitytracker.com/id?1018872
cve@mitre.org http://www.vupen.com/english/advisories/2006/4058
cve@mitre.org http://www.vupen.com/english/advisories/2006/4059
cve@mitre.org http://www.vupen.com/english/advisories/2007/3665
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/29624
af854a3a-2127-422b-91ae-364da2661108 http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/22390 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/22474 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/27441
af854a3a-2127-422b-91ae-364da2661108 http://www.digitalmunition.com/DMA%5B2006-1016a%5D.txt
af854a3a-2127-422b-91ae-364da2661108 http://www.digitalmunition.com/Xcode_OpenBase_pwn.pl
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/20562 Exploit
af854a3a-2127-422b-91ae-364da2661108 http://www.securitytracker.com/id?1018872
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2006/4058
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2006/4059
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2007/3665
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/29624
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:48:29.636Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "22390",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22390"
          },
          {
            "name": "ADV-2006-4058",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4058"
          },
          {
            "name": "27441",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27441"
          },
          {
            "name": "ADV-2007-3665",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3665"
          },
          {
            "name": "ADV-2006-4059",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4059"
          },
          {
            "name": "1018872",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018872"
          },
          {
            "name": "APPLE-SA-2007-10-30",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.digitalmunition.com/Xcode_OpenBase_pwn.pl"
          },
          {
            "name": "20562",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20562"
          },
          {
            "name": "openbase-sql-privilege-escalation(29624)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29624"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.digitalmunition.com/DMA%5B2006-1016a%5D.txt"
          },
          {
            "name": "22474",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22474"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-10-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain TAR_OPTIONS environment variable settings, when gnutar is invoked by OpenBase."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "22390",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22390"
        },
        {
          "name": "ADV-2006-4058",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4058"
        },
        {
          "name": "27441",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27441"
        },
        {
          "name": "ADV-2007-3665",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3665"
        },
        {
          "name": "ADV-2006-4059",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4059"
        },
        {
          "name": "1018872",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018872"
        },
        {
          "name": "APPLE-SA-2007-10-30",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.digitalmunition.com/Xcode_OpenBase_pwn.pl"
        },
        {
          "name": "20562",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20562"
        },
        {
          "name": "openbase-sql-privilege-escalation(29624)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29624"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.digitalmunition.com/DMA%5B2006-1016a%5D.txt"
        },
        {
          "name": "22474",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22474"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5327",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain TAR_OPTIONS environment variable settings, when gnutar is invoked by OpenBase."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "22390",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22390"
            },
            {
              "name": "ADV-2006-4058",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4058"
            },
            {
              "name": "27441",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27441"
            },
            {
              "name": "ADV-2007-3665",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3665"
            },
            {
              "name": "ADV-2006-4059",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4059"
            },
            {
              "name": "1018872",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018872"
            },
            {
              "name": "APPLE-SA-2007-10-30",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html"
            },
            {
              "name": "http://www.digitalmunition.com/Xcode_OpenBase_pwn.pl",
              "refsource": "MISC",
              "url": "http://www.digitalmunition.com/Xcode_OpenBase_pwn.pl"
            },
            {
              "name": "20562",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20562"
            },
            {
              "name": "openbase-sql-privilege-escalation(29624)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29624"
            },
            {
              "name": "http://www.digitalmunition.com/DMA[2006-1016a].txt",
              "refsource": "MISC",
              "url": "http://www.digitalmunition.com/DMA[2006-1016a].txt"
            },
            {
              "name": "22474",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22474"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-5327",
    "datePublished": "2006-10-17T21:00:00",
    "dateReserved": "2006-10-17T00:00:00",
    "dateUpdated": "2024-08-07T19:48:29.636Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-5327\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-10-17T21:07:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain TAR_OPTIONS environment variable settings, when gnutar is invoked by OpenBase.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de ruta de b\u00fasqueda en un fichero no confiable en OpenBase SQL 10.0 y anteriores, al usarlo en Apple Xcode 2.2 y anteriores y posiblemente otros productos, permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n mediante una ruta modificada que hace referencia a un programa gzip malicioso, el cual es ejecutado por gnutar con ciertas preferencias en la variable de entorno TAR_OPTIONS, cuando gnutar es invocado por OpenBase.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.2\",\"matchCriteriaId\":\"6ECC94B6-CDEF-4D25-8757-019F7A5E244F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbase_international_ltd:openbase:*:*:mac_os_x:*:*:*:*:*\",\"versionEndIncluding\":\"10.0\",\"matchCriteriaId\":\"3EC070F1-330C-413B-B799-C2F76A65DAA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbase_international_ltd:openbase:7.0.15:*:mac_os_x:*:*:*:*:*\",\"matchCriteriaId\":\"B3AECE53-2A46-43E6-9A0C-A1E74D653D0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbase_international_ltd:openbase:8.0.4:*:mac_os_x:*:*:*:*:*\",\"matchCriteriaId\":\"E1B9E4CF-9750-48DD-A65D-B1A52FD5D2C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbase_international_ltd:openbase:9.1.5:*:mac_os_x:*:*:*:*:*\",\"matchCriteriaId\":\"5F7BCC07-04B0-4B11-B260-DF029E95ECFA\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/22390\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22474\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27441\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.digitalmunition.com/DMA%5B2006-1016a%5D.txt\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.digitalmunition.com/Xcode_OpenBase_pwn.pl\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/20562\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securitytracker.com/id?1018872\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/4058\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/4059\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/3665\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/29624\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/22390\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22474\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27441\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.digitalmunition.com/DMA%5B2006-1016a%5D.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.digitalmunition.com/Xcode_OpenBase_pwn.pl\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/20562\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securitytracker.com/id?1018872\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/4058\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/4059\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/3665\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/29624\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.