| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.7 | $0-$5k | 0.00 |
Summary
A vulnerability identified as problematic has been detected in X.org X11 up to 7.x. The affected element is an unknown function of the file Xsession of the component xdm. Performing a manipulation results in race condition. This vulnerability was named CVE-2006-5214. There is no available exploit. Applying a patch is the recommended action to fix this issue.
Details
A vulnerability, which was classified as problematic, was found in X.org X11 up to 7.x (Windowing System Software). This affects some unknown functionality of the file Xsession of the component xdm. The manipulation with an unknown input leads to a race condition vulnerability. CWE is classifying the issue as CWE-362. The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:
Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user s Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users.
The bug was discovered 10/06/2006. The weakness was presented 10/17/2006 (Website). The advisory is shared at bugs.freedesktop.org. This vulnerability is uniquely identified as CVE-2006-5214 since 10/09/2006. The attack can only be initiated within the local network. No form of authentication is needed for exploitation. Technical details are known, but no exploit is available.
It is declared as proof-of-concept. The vulnerability was handled as a non-public zero-day exploit for at least 4 days. During that time the estimated underground price was around $0-$5k. The vulnerability scanner Nessus provides a plugin with the ID 23447 (Solaris 8 (x86) : 111845-04), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Solaris Local Security Checks and running in the context l.
Applying a patch is able to eliminate this problem. The bugfix is ready for download at freedesktop.org. A possible mitigation has been published 4 months after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (29422), Tenable (23447), SecurityFocus (BID 20400†), OSVDB (29578†) and Secunia (SA22469†). If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.x.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.3VulDB Meta Temp Score: 5.7
VulDB Base Score: 6.3
VulDB Temp Score: 5.7
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Race conditionCWE: CWE-362
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: Partially
Availability: 🔍
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 23447
Nessus Name: Solaris 8 (x86) : 111845-04
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
Nessus Port: 🔍
OpenVAS ID: 860999
OpenVAS Name: Family Connections argv[1] Parameter Remote Arbitrary Command Execution Vulnerability
OpenVAS File: 🔍
OpenVAS Family: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Patch: freedesktop.org
Timeline
10/06/2006 🔍10/06/2006 🔍
10/06/2006 🔍
10/09/2006 🔍
10/09/2006 🔍
10/09/2006 🔍
10/10/2006 🔍
10/17/2006 🔍
10/17/2006 🔍
10/18/2006 🔍
11/06/2006 🔍
01/26/2007 🔍
08/20/2007 🔍
07/24/2019 🔍
Sources
Vendor: x.orgAdvisory: bugs.freedesktop.org
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2006-5214 (🔍)
GCVE (CVE): GCVE-0-2006-5214
GCVE (VulDB): GCVE-100-2613
OVAL: 🔍
X-Force: 29422
SecurityFocus: 20400 - X.Org XDM XSession Script Race Condition Vulnerability
Secunia: 22469
OSVDB: 29578 - Multiple Vendor X Display Manager Xsession Script Error File Information Disclosure
SecurityTracker: 1017015
Vulnerability Center: 15899 - X.Org XSession Script Race Condition Vulnerability Allows Information Disclosure, Medium
Vupen: ADV-2006-3962
Entry
Created: 10/18/2006 11:00Updated: 07/24/2019 09:20
Changes: 10/18/2006 11:00 (96), 07/24/2019 09:20 (1)
Complete: 🔍
Cache ID: 216:2C4:103
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
No comments yet. Languages: en.
Please log in to comment.