Local Privilege Escalation in Sun Storage Automated Diagnostic Environment
CVE-2006-2790

Currently unrated

Key Information:

Vendor: Oracle
Status: Storage Automated Diagnostic Environment
Vendor: CVE Published:; 2 June 2006

What is CVE-2006-2790?

In Sun Storage Automated Diagnostic Environment version 2.4, certain critical files and directories are configured with world-writable permissions. This misconfiguration permits local users to exploit these permissions, potentially leading to unauthorized privilege escalation. Attackers with local access can gain elevated permissions, which may result in further compromise of the affected system.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/26899

vdb-entryx_refsource_XF

http://secunia.com/advisories/20445

third-party-advisoryx_refsource_SECUNIA

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

Timeline

Vulnerability published
Jun 2, 2006
Vulnerability Reserved
Jun 2, 2006

Oracle

What is CVE-2006-2790?

References

Timeline