Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-5726 — Out-of-bounds Write in Solaris

4 documents4 sources

Severity

4.9MEDIUMNVD

EPSS

0.3%

top 50.21%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

SUN Solaris

Timeline

PublishedNov 6

Latest updateMay 1

Description

alloccgblk in the UFS filesystem in Solaris 10 allows local users to cause a denial of service (memory corruption) by mounting crafted UFS filesystems with malformed data structures.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages1 packages

▶NVDsun/solaris10.0

🔴Vulnerability Details

GHSA

GHSA-gx2q-gcvf-c7x4: alloccgblk in the UFS filesystem in Solaris 10 allows local users to cause a denial of service (memory corruption) by mounting crafted UFS filesystems↗2022-05-01

▶

CVEList

CVE-2006-5726: alloccgblk in the UFS filesystem in Solaris 10 allows local users to cause a denial of service (memory corruption) by mounting crafted UFS filesystems↗2006-11-06

▶

💥Exploits & PoCs

Exploit-DB

Sun Solaris 10 - 'UFS' Local Denial of Service↗2006-11-04

▶