Required CVE Record Information
Description
Untrusted search path vulnerability in openexec in OpenBase SQL before 10.0.1 allows local users to gain privileges via a modified PATH that references a malicious helper binary, as demonstrated by (1) cp, (2) rm, and (3) killall, different vectors than CVE-2006-5327.
References 5 Total
- secunia.com: 22742 third-party-advisory
- vupen.com: ADV-2006-4404 vdb-entry
- exploit-db.com: 2738 exploit
- http://www.digitalmunition.com/DMA%5B2006-1107a%5D.txt
- marc.info: 20081108 [Full-disclosure] OpenBase SQL multiple vulnerabilities Part Deux mailing-list
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- secunia.com: 22742 third-party-advisoryx_transferred
- vupen.com: ADV-2006-4404 vdb-entryx_transferred
- exploit-db.com: 2738 exploitx_transferred
- http://www.digitalmunition.com/DMA%5B2006-1107a%5D.txt x_transferred
- marc.info: 20081108 [Full-disclosure] OpenBase SQL multiple vulnerabilities Part Deux mailing-listx_transferred