CVE-2006-5213

Sun Solaris 10 before 20061006 uses "incorrect and insufficient permission checks" that allow local users to intercept or spoof packets by creating a raw socket on a link aggregation (network device aggregation).

Score3.6
Access VectorLOCAL
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactNONE
Published2006-10-10 12:06:00.000-04
Last Modified2017-07-19 09:33:36.000-04

Vulnerable Software List

VendorProductVersions
Sun Solaris 10.0::sparc

References

SourceLink
SECTRACK1017013
SUNALERT102606
CONFIRMhttp://support.avaya.com/elmodocs2/security/ASA-2006-250.htm
BID20377
VUPENADV-2006-3961
XFsolaris-raw-socket-obtain-information(29381)