cvelistv5 - cve-2006-0055

cve-2006-0055

Vulnerability from cvelistv5

Published
2006-01-11 21:00
Modified
2024-08-07 16:18
Severity ?
Summary
The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell.
References
URL	Tags
secteam@freebsd.org	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:02.ee.asc
secteam@freebsd.org	http://secunia.com/advisories/18404	Patch, Vendor Advisory
secteam@freebsd.org	http://securitytracker.com/id?1015469
secteam@freebsd.org	http://www.osvdb.org/22320
secteam@freebsd.org	http://www.securityfocus.com/bid/16207	Patch
secteam@freebsd.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24074
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:02.ee.asc
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18404	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015469
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/22320
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16207	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24074
Impacted products
▼	Vendor	Product
	n/a	n/a
Show details on NVD website
JSON
To clipboard
{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:18:20.807Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "16207",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16207"
          },
          {
            "name": "FreeBSD-SA-06:02",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:02.ee.asc"
          },
          {
            "name": "ee-ispell-op-symlink(24074)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24074"
          },
          {
            "name": "1015469",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015469"
          },
          {
            "name": "22320",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/22320"
          },
          {
            "name": "18404",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18404"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
        "shortName": "freebsd"
      },
      "references": [
        {
          "name": "16207",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16207"
        },
        {
          "name": "FreeBSD-SA-06:02",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:02.ee.asc"
        },
        {
          "name": "ee-ispell-op-symlink(24074)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24074"
        },
        {
          "name": "1015469",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015469"
        },
        {
          "name": "22320",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/22320"
        },
        {
          "name": "18404",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18404"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secteam@freebsd.org",
          "ID": "CVE-2006-0055",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "16207",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16207"
            },
            {
              "name": "FreeBSD-SA-06:02",
              "refsource": "FREEBSD",
              "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:02.ee.asc"
            },
            {
              "name": "ee-ispell-op-symlink(24074)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24074"
            },
            {
              "name": "1015469",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015469"
            },
            {
              "name": "22320",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/22320"
            },
            {
              "name": "18404",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18404"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
    "assignerShortName": "freebsd",
    "cveId": "CVE-2006-0055",
    "datePublished": "2006-01-11T21:00:00",
    "dateReserved": "2005-12-30T00:00:00",
    "dateUpdated": "2024-08-07T16:18:20.807Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-0055\",\"sourceIdentifier\":\"secteam@freebsd.org\",\"published\":\"2006-01-11T21:03:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FFD9D1C-A459-47AD-BC62-15631417A32F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.10:release:*:*:*:*:*:*\",\"matchCriteriaId\":\"4ECDEC87-0132-46B6-BD9B-A94F9B669EAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.10:release_p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E21E50A-A368-4487-A791-87366CC5C86E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.10:releng:*:*:*:*:*:*\",\"matchCriteriaId\":\"43E84296-9B5C-4623-A2C4-431D76FC2765\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.11:release_p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E18328E2-3CB5-4D36-8EA3-77DD909B46A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.11:releng:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF73D76B-FBB8-4D10-8393-9FAF53392A4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.11:stable:*:*:*:*:*:*\",\"matchCriteriaId\":\"F177AE1C-58C2-4575-807C-ABFFC5119FA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61EBA52A-2D8B-4FB5-866E-AE67CE1842E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B13D898-C1B6-44B9-8432-7DDB8A380E9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*\",\"matchCriteriaId\":\"51A612F6-E4EB-4E34-8F55-79E16C74758E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C19B266-8FE7-49ED-8678-2D522257491D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EE93350-92E6-4F5C-A14C-9993CFFDBCD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.1:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"15C4D826-A419-45F5-B91C-1445DB480916\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D9F2B04-A1F2-4788-A53D-C8274A758DDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEC7B38F-C6FB-4213-AE18-2D039A4D8E7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A5309ED-D84F-4F52-9864-5B0FEEEE5022\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD7C441E-444B-4DF5-8491-86805C70FB99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.2.1:releng:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E4BC012-ADE4-468F-9A25-261CD8055694\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8A80E6A-6502-4A33-83BA-7DCC606D79AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.3:release:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D6428EB-5E1A-41CB-979C-4C9402251D8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.3:releng:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DCA9879-C9F5-475A-8EC9-04D151001C8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.3:stable:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A94132F-4C47-49CC-B03C-8756613E9A38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.4:pre-release:*:*:*:*:*:*\",\"matchCriteriaId\":\"46A60ED5-1D92-4B40-956F-D1801CAB9039\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.4:release:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F629879-66F0-427B-86D8-D740E0E3F6E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:5.4:releng:*:*:*:*:*:*\",\"matchCriteriaId\":\"C89129C5-A1DB-4018-B43A-C60C8E650080\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.0:release:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCE4F2E6-2286-4D87-ADD7-7E999B4E5620\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.0:stable:*:*:*:*:*:*\",\"matchCriteriaId\":\"C07C3BEF-8D6A-4F23-96DE-AFE4369D08EF\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:02.ee.asc\",\"source\":\"secteam@freebsd.org\"},{\"url\":\"http://secunia.com/advisories/18404\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1015469\",\"source\":\"secteam@freebsd.org\"},{\"url\":\"http://www.osvdb.org/22320\",\"source\":\"secteam@freebsd.org\"},{\"url\":\"http://www.securityfocus.com/bid/16207\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/24074\",\"source\":\"secteam@freebsd.org\"},{\"url\":\"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:02.ee.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/18404\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1015469\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/22320\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/16207\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/24074\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}
Action not permitted

cve-2006-0055

Vulnerability from cvelistv5

ghsa-2p56-r36q-fx99

Vulnerability from github

gsd-2006-0055

Vulnerability from gsd

Tags
