CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-6165

ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is the responsibility of the application to properly sanitize the environment

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.8%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

http://www.securityfocus.com/archive/1/452371/100/0/threaded
http://www.securityfocus.com/archive/1/452428/100/0/threaded
http://www.securityfocus.com/archive/1/452371/100/0/threaded
http://www.securityfocus.com/archive/1/452428/100/0/threaded

Products affected by CVE-2006-6165

Freebsd » Freebsd » Version: 6.2

cpe:2.3:o:freebsd:freebsd:6.2
Netbsd » Netbsd » Version: 2.0.4

cpe:2.3:o:netbsd:netbsd:2.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-6165

Products

Pricing

Contact Us