CVE-2006-6173 - OpenCVE

Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the shared_region_make_private_np_args parameter.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Mac Os X

Configuration 1 [-]

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://docs.info.apple.com/article.html?artnum=305214
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
http://projects.info-pull.com/mokb/MOKB-28-11-2006.html
http://secunia.com/advisories/23120
http://secunia.com/advisories/24479
http://securitytracker.com/id?1017306
http://www.securityfocus.com/bid/21349
http://www.securitytracker.com/id?1017751
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
http://www.vupen.com/english/advisories/2006/4762
http://www.vupen.com/english/advisories/2007/0930
https://exchange.xforce.ibmcloud.com/vulnerabilities/30569

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-11-30T16:00:00

Updated: 2024-08-07T20:19:34.523Z

Reserved: 2006-11-30T00:00:00

Link: CVE-2006-6173

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-11-30T16:28:00.000

Modified: 2017-07-29T01:29:22.203

Link: CVE-2006-6173

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-11-28T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the shared_region_make_private_np_args parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "23120", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23120"}, {"tags": ["x_refsource_MISC"], "url": "http://projects.info-pull.com/mokb/MOKB-28-11-2006.html"}, {"name": "macos-sharedregion-privilege-escalation(30569)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30569"}, {"name": "TA07-072A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"}, {"name": "21349", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21349"}, {"name": "1017306", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017306"}, {"name": "APPLE-SA-2007-03-13", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=305214"}, {"name": "1017751", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1017751"}, {"name": "ADV-2007-0930", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0930"}, {"name": "ADV-2006-4762", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4762"}, {"name": "24479", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24479"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-6173", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the shared_region_make_private_np_args parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "23120", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23120"}, {"name": "http://projects.info-pull.com/mokb/MOKB-28-11-2006.html", "refsource": "MISC", "url": "http://projects.info-pull.com/mokb/MOKB-28-11-2006.html"}, {"name": "macos-sharedregion-privilege-escalation(30569)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30569"}, {"name": "TA07-072A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"}, {"name": "21349", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21349"}, {"name": "1017306", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017306"}, {"name": "APPLE-SA-2007-03-13", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"}, {"name": "http://docs.info.apple.com/article.html?artnum=305214", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=305214"}, {"name": "1017751", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017751"}, {"name": "ADV-2007-0930", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0930"}, {"name": "ADV-2006-4762", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4762"}, {"name": "24479", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24479"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:19:34.523Z"}, "title": "CVE Program Container", "references": [{"name": "23120", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23120"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://projects.info-pull.com/mokb/MOKB-28-11-2006.html"}, {"name": "macos-sharedregion-privilege-escalation(30569)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30569"}, {"name": "TA07-072A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"}, {"name": "21349", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/21349"}, {"name": "1017306", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017306"}, {"name": "APPLE-SA-2007-03-13", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs.info.apple.com/article.html?artnum=305214"}, {"name": "1017751", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1017751"}, {"name": "ADV-2007-0930", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0930"}, {"name": "ADV-2006-4762", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4762"}, {"name": "24479", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24479"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6173", "datePublished": "2006-11-30T16:00:00", "dateReserved": "2006-11-30T00:00:00", "dateUpdated": "2024-08-07T20:19:34.523Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "64FE6DF4-2A1B-4867-B047-4BC32BDF926C", "versionEndIncluding": "10.4.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the shared_region_make_private_np_args parameter."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en la funci\u00f3n shared_region_make_private_np de vm/vm_unix.c de Mac OS X 10.4.6 y versiones anteriores permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n mediante (1) un contador de rango peque\u00f1o, que provoca insuficiencia de reserva de memoria, \u00f3 (2) un gran n\u00famero de rangos en el par\u00e1metro shared_region_make_private_np_args."}], "id": "CVE-2006-6173", "lastModified": "2017-07-29T01:29:22.203", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-11-30T16:28:00.000", "references": [{"source": "cve@mitre.org", "url": "http://docs.info.apple.com/article.html?artnum=305214"}, {"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"}, {"source": "cve@mitre.org", "url": "http://projects.info-pull.com/mokb/MOKB-28-11-2006.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23120"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24479"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017306"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/21349"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1017751"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/4762"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/0930"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30569"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}