CVE-2006-6418

CWE-119 — Buffer Overflow3 documents3 sources

Severity

7.2HIGH

EPSS

0.2%

top 58.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Tru64

Timeline

PublishedDec 10

Latest updateMay 1

Description

Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDhp/tru644.0f, 4.0g, 5.1a+2

🔴Vulnerability Details

GHSA

GHSA-m7f5-rr3q-xx76: Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4↗2022-05-01

▶

CVEList

CVE-2006-6418: Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4↗2006-12-10

▶