Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.1
CVSSv2

CVE-2006-1863

Published: 25/04/2006 Updated: 13/02/2023
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
VMScore: 215
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Linux Kernel

Vulnerability Summary

Directory traversal vulnerability in CIFS in Linux 2.6.16 and previous versions allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1864.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Ubuntu Security Notice: linux-source-2.6.10⁄2.6.12⁄2.6.15 vulnerabilities
An integer overflow was discovered in the do_replace() function A local user process with the CAP_NET_ADMIN capability could exploit this to execute arbitrary commands with full root privileges However, none of Ubuntu’s supported packages use this capability with any non-root user, so this only affects you if you use some third party software l ...
Debian Security Advisories: DSA-1103-1 kernel-source-2.6.8 -- several vulnerabilities
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-3359 Franz Filz discovered that some socket calls permit causing inconsistent reference count ...

Exploits

Exploit DB: Linux Kernel 2.6.x - CIFS CHRoot Security Restriction Bypass
source: wwwsecurityfocuscom/bid/17742/info The Linux Kernel is prone to a vulnerability that allows attackers to bypass a security restriction This issue is due to a failure in the kernel to properly sanitize user-supplied data The problem affects chroot inside of an SMB-mounted filesystem ('cifs') A local attacker who is bounded by t ...

References

NVD-CWE-Otherhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189434http://www.securityfocus.com/bid/17742http://secunia.com/advisories/19868http://www.trustix.org/errata/2006/0024http://www.novell.com/linux/security/advisories/2006-05-31.htmlhttp://www.debian.org/security/2006/dsa-1103http://secunia.com/advisories/20914http://secunia.com/advisories/21614http://secunia.com/advisories/20398http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.11http://www.mandriva.com/security/advisories?name=MDKSA-2006:150http://www.mandriva.com/security/advisories?name=MDKSA-2006:151http://rhn.redhat.com/errata/RHBA-2007-0304.htmlhttp://www.vupen.com/english/advisories/2006/1542http://www.vupen.com/english/advisories/2006/2554http://www.osvdb.org/25068https://exchange.xforce.ibmcloud.com/vulnerabilities/26141https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10383http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=296034f7de8bdf111984ce1630ac598a9c94a253https://usn.ubuntu.com/302-1/https://nvd.nist.govhttps://www.exploit-db.com/exploits/27769/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgeryCVE-2024-34351CVE-2024-1076CVE-2024-25522CVE-2024-34547CVE-2024-4644unauthorizedremoteCVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook