CVE-2006-0228

Published Jan 17, 2006

Last updated 7 years ago

Overview

Description: The RBAC functionality in grsecurity before 2.1.8 does not properly handle when the admin role creates a service and then exits the shell without unauthenticating, which causes the service to be restarted with the admin role still active.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09DF5719-7980-42F1-A55F-BA42B5AB51E8"
          },
          {
            "criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E661647F-ED24-40C9-B85D-9C60F45EA00F"
          },
          {
            "criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4D9BF20-272D-428A-88DD-0CA90B14C631"
          },
          {
            "criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95BF408B-DE5C-4AD4-986B-FF9C38E1B515"
          },
          {
            "criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23E79624-4CBD-4744-BD1E-518B9EBFF7C1"
          },
          {
            "criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61DC3A73-B269-4418-A8EC-877BDDDB57BF"
          },
          {
            "criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F45B7B0-DAEE-4101-97AB-C41F6E206916"
          },
          {
            "criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAC33E4A-76D3-4C16-B261-CDB0CF78F048"
          },
          {
            "criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB4F7AFD-AD7A-45ED-9660-7BC6DFCD36E9"
          },
          {
            "criteria": "cpe:2.3:a:grsecurity:grsecurity_kernel_patch:2.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B598D0A0-21A2-4731-B816-A96B4D8A389A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References