CVE-2006-5871

critical

Description

smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before 2.4.34, when UNIX extensions are enabled, ignores certain mount options, which could cause clients to use server-specified uid, gid and mode settings.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10171

http://www.us.debian.org/security/2006/dsa-1237

http://www.securityfocus.com/bid/21523

http://www.novell.com/linux/security/advisories/2007_35_kernel.html

http://www.debian.org/security/2006/dsa-1233

http://secunia.com/advisories/25683

http://secunia.com/advisories/23395

http://secunia.com/advisories/23370

http://secunia.com/advisories/23361

Details

Source: Mitre, NVD

Published: 2006-12-11

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 4.1

Vector: CVSS2#AV:L/AC:M/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.00067

Detections

Analytics