fkie_cve-2006-5215
Vulnerability from fkie_nvd
Published
2006-10-10 04:06
Modified
2025-04-09 00:30
Severity ?
Summary
The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file.
References
cve@mitre.orghttp://secunia.com/advisories/22992
cve@mitre.orghttp://securitytracker.com/id?1017015
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1
cve@mitre.orghttp://support.avaya.com/elmodocs2/security/ASA-2006-250.htm
cve@mitre.orghttp://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32805
cve@mitre.orghttps://bugs.freedesktop.org/show_bug.cgi?id=5898
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/29427
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2205
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22992
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1017015
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm
af854a3a-2127-422b-91ae-364da2661108http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32805
af854a3a-2127-422b-91ae-364da2661108https://bugs.freedesktop.org/show_bug.cgi?id=5898
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/29427
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2205
Impacted products
Vendor Product Version
x.org xdm *
netbsd netbsd *
netbsd netbsd 1.0
netbsd netbsd 1.1
netbsd netbsd 1.2
netbsd netbsd 1.2.1
netbsd netbsd 1.3
netbsd netbsd 1.3.1
netbsd netbsd 1.3.2
netbsd netbsd 1.3.3
netbsd netbsd 1.4
netbsd netbsd 1.4
netbsd netbsd 1.4
netbsd netbsd 1.4
netbsd netbsd 1.4
netbsd netbsd 1.4.1
netbsd netbsd 1.4.1
netbsd netbsd 1.4.1
netbsd netbsd 1.4.1
netbsd netbsd 1.4.1
netbsd netbsd 1.4.1
netbsd netbsd 1.4.2
netbsd netbsd 1.4.2
netbsd netbsd 1.4.2
netbsd netbsd 1.4.2
netbsd netbsd 1.4.2
netbsd netbsd 1.4.3
netbsd netbsd 1.5
netbsd netbsd 1.5
netbsd netbsd 1.5
netbsd netbsd 1.5.1
netbsd netbsd 1.5.2
netbsd netbsd 1.5.3
netbsd netbsd 1.6
netbsd netbsd 1.6
netbsd netbsd 1.6.1
netbsd netbsd 1.6.2
netbsd netbsd 2.0
netbsd netbsd 2.0.1
netbsd netbsd 2.0.2
netbsd netbsd 2.0.3
netbsd netbsd 2.1
netbsd netbsd 3.0
netbsd netbsd 3.99.15
netbsd netbsd 4.0
sun solaris 8.0
sun solaris 8.0
sun solaris 8.0
sun solaris 9.0
sun solaris 9.0
sun solaris 9.0
sun solaris 10.0
sun sunos 5.8
sun sunos 5.9


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:x.org:xdm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B856A744-AB2E-471B-B184-7B7D401146CA",
              "versionEndIncluding": "1.0.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D660F26B-C329-4F2D-8017-B9442FE8248D",
              "versionEndIncluding": "current",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "87FD0350-38E2-46D3-B17F-6C3F9C3488A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:arm32:*:*:*:*:*",
              "matchCriteriaId": "3DC541BB-95DF-4A31-998F-983255F8B485",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "5AB998EB-E5F3-414D-AA99-34DC7B32E870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:x86:*:*:*:*:*",
              "matchCriteriaId": "4319B741-4376-4EA2-9FEB-236C148D1514",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "247ABD95-74CA-45B8-8729-3C35C9E11186",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:arm32:*:*:*:*:*",
              "matchCriteriaId": "1D4C44E8-075A-4B48-88DA-2CAC25CDF159",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:sh3:*:*:*:*:*",
              "matchCriteriaId": "393738E7-93E1-4A37-817B-C023A9BD1DBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "19D1E7AC-79B6-4136-ADB2-06BEE9773795",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:x86:*:*:*:*:*",
              "matchCriteriaId": "E2EE8A19-8AB1-4283-95EA-9EE3C7E5DED7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "6FA1C84C-6624-4032-8D0E-5EBB054F5224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:arm32:*:*:*:*:*",
              "matchCriteriaId": "06B9ADAD-ADDC-47AC-9924-B31B17DDF163",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "6DC0D30E-DBF1-4FDB-80C0-80DB50D9E77A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:x86:*:*:*:*:*",
              "matchCriteriaId": "537FD523-1D44-4D85-AED1-C092E0155CF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*",
              "matchCriteriaId": "52F2B17F-A169-402C-AA05-0DE5D805BAD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*",
              "matchCriteriaId": "BD44E15F-D216-404F-8585-D278175C2A0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
              "matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:3.99.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7C5D200-B40F-458D-8216-A3C22B21B46A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:8.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "32CF7469-6D2F-4E34-8013-7F0D3433D0B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
              "matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:8.0:beta:*:*:*:*:*:*",
              "matchCriteriaId": "11847B60-D66B-4386-940A-C53B11853E50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
              "matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*",
              "matchCriteriaId": "3F305CBD-4329-44DE-A85C-DE9FF371425E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "7BF232A9-9E0A-481E-918D-65FC82EF36D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E585DC-FC74-4BB0-96B7-C00B6DB610DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user\u0027s Xsession errors file, via a symlink attack on a /tmp/xses-$USER file."
    },
    {
      "lang": "es",
      "value": "La secuencia de comandos Xsession, tambien usado por X Display Manager (xdm) en NetBSD anterior a 12/02/2006, X.Org anterior a  17/03/2006, y Solaris 8 hasta la 10 anterior a 06/10/2006, permiten a un usuario local sobre escribir archivos de su elecci\u00f3n, o leer otros ficheros de errores de usuarios de Xsession, a trav\u00e9s de un ataque de enlaces simb\u00f3licos sobre un archivo/tmp/xses-$USER."
    }
  ],
  "evaluatorSolution": "This vulnerability is addressed in the following product updates:\r\nX.org, xdm, 2006-03-17\r\nNetBSD, NetBSD, Current 2006-02-12\r\nSun, Solaris, 10 2006-10-06",
  "id": "CVE-2006-5215",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-10-10T04:06:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/22992"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017015"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32805"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugs.freedesktop.org/show_bug.cgi?id=5898"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29427"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2205"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22992"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32805"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.freedesktop.org/show_bug.cgi?id=5898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29427"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2205"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.