CVE-2006-0178

3 documents3 sources

Severity

7.2HIGH

EPSS

0.1%

top 83.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cray Unicos

Timeline

PublishedJan 11

Latest updateMay 1

Description

Format string vulnerability in /bin/ftp in UNICOS 9.0.2.2 allows local users to have an unknown impact via format string specifiers in the quote command. NOTE: because the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDcray/unicos9.0.2.2

🔴Vulnerability Details

GHSA

GHSA-qrgq-hmr8-m5qc: Format string vulnerability in /bin/ftp in UNICOS 9↗2022-05-01

▶

CVEList

CVE-2006-0178: Format string vulnerability in /bin/ftp in UNICOS 9↗2006-01-11

▶