CVE-2006-0083

Format string vulnerability in the logging code of SMS Server Tools (smstools) 1.14.8 and earlier allows local users to execute arbitrary code via unspecified attack vectors.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/18343	Vendor Advisory
http://secunia.com/advisories/18357	Patch Vendor Advisory
http://www.debian.org/security/2005/dsa-930
http://www.osvdb.org/22287
http://www.securityfocus.com/bid/16188
https://exchange.xforce.ibmcloud.com/vulnerabilities/24034
http://secunia.com/advisories/18343	Vendor Advisory
http://secunia.com/advisories/18357	Patch Vendor Advisory
http://www.debian.org/security/2005/dsa-930
http://www.osvdb.org/22287
http://www.securityfocus.com/bid/16188
https://exchange.xforce.ibmcloud.com/vulnerabilities/24034

Configurations

Configuration 1 (hide)

cpe:2.3:a:stefan_frings:sms_server_tools:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-01-09 20:03

Updated : 2025-04-03 01:03

NVD link : CVE-2006-0083

Mitre link : CVE-2006-0083

CVE.ORG link : CVE-2006-0083

JSON object : View

Products Affected

stefan_frings

sms_server_tools

CWE

NVD-CWE-Other

{"id": "CVE-2006-0083", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-01-09T20:03:00.000", "references": [{"url": "http://secunia.com/advisories/18343", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/18357", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2005/dsa-930", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/22287", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/16188", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24034", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/18343", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/18357", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2005/dsa-930", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/22287", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/16188", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24034", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Format string vulnerability in the logging code of SMS Server Tools (smstools) 1.14.8 and earlier allows local users to execute arbitrary code via unspecified attack vectors."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:stefan_frings:sms_server_tools:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "916B0C70-9902-433D-B721-F0FBD5059EC3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}