Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-0177

6 documents5 sources
Severity
7.2HIGH
EPSS
0.3%
top 43.05%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Cray Unicos
Timeline
PublishedJan 11
Latest updateMay 1

Description

Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow local users to gain privileges by (1) invoking /usr/bin/script with a long command line argument or (2) setting the -c option of /etc/nu to the name of a file containing a long line.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDcray/unicos9.0.2.2

🔴Vulnerability Details

2
GHSA
GHSA-9hh7-vmjp-g84v: Multiple buffer overflows in Cray UNICOS 92022-05-01
CVEList
CVE-2006-0177: Multiple buffer overflows in Cray UNICOS 92006-01-11

💥Exploits & PoCs

2
Exploit-DB
Cray UNICOS /usr/bin/script - Command Line Argument Local Overflow2006-01-10
Exploit-DB
Cray UNICOS /etc/nu - '-c' Option Filename Processing Local Overflow2006-01-10

💬Community

1
Bugzilla
[RHEL4] CVE-2005-3624 Additional xpdf issues (CVE-2005-3625 CVE-2005-3626 CVE-2005-3627)2006-01-03
CVE-2006-0177 (HIGH CVSS 7.2) | Multiple buffer overflows in Cray U | cvebase.io