Details of VAR-200607-0040

ID

VAR-200607-0040

CVE

CVE-2006-3470

TITLE

Dell Openmanage CD launches unauthenticated services

Trust: 0.8

sources: CERT/CC: VU#577729

DESCRIPTION

The Dell Openmanage CD launches X11 and SSH daemons that do not require authentication, which allows remote attackers to gain privileges

Trust: 1.98

sources: NVD: CVE-2006-3470 // CERT/CC: VU#577729 // BID: 81937 // VULHUB: VHN-19578

AFFECTED PRODUCTS

vendor:	dell	model:	openmanage cd	scope:	eq	version:	*	Trust: 1.0
vendor:	dell computer	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	dell	model:	openmanage cd	scope:	-	version:	-	Trust: 0.6

sources: CERT/CC: VU#577729 // CNNVD: CNNVD-200607-126 // NVD: CVE-2006-3470

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-3470
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#577729
value:	10.26
Trust: 0.8
CNNVD:	CNNVD-200607-126
value:	HIGH
Trust: 0.6
VULHUB:	VHN-19578
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2006-3470
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-19578
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#577729 // VULHUB: VHN-19578 // CNNVD: CNNVD-200607-126 // NVD: CVE-2006-3470

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-3470

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200607-126

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200607-126

EXTERNAL IDS

db:	CERT/CC	id:	VU#577729	Trust: 2.8
db:	NVD	id:	CVE-2006-3470	Trust: 2.0
db:	CNNVD	id:	CNNVD-200607-126	Trust: 0.7
db:	BUGTRAQ	id:	20060609 DELL OPENMANAGE CD VULNERABILITY	Trust: 0.6
db:	XF	id:	27137	Trust: 0.6
db:	BID	id:	81937	Trust: 0.4
db:	VULHUB	id:	VHN-19578	Trust: 0.1

sources: CERT/CC: VU#577729 // VULHUB: VHN-19578 // BID: 81937 // CNNVD: CNNVD-200607-126 // NVD: CVE-2006-3470

REFERENCES

url:	http://msgs.securepoint.com/cgi-bin/get/bugtraq0606/187.html	Trust: 2.8
url:	http://www.kb.cert.org/vuls/id/577729	Trust: 2.0
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/27137	Trust: 1.1
url:	http://www.dell.com/downloads/global/solutions/openmanage%20for%20servers%20brochure%205.5.04.pdf	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/27137	Trust: 0.6
url:	http://dell.com	Trust: 0.3

sources: CERT/CC: VU#577729 // VULHUB: VHN-19578 // BID: 81937 // CNNVD: CNNVD-200607-126 // NVD: CVE-2006-3470

CREDITS

Unknown

Trust: 0.3

sources: BID: 81937

SOURCES

db:	CERT/CC	id:	VU#577729
db:	VULHUB	id:	VHN-19578
db:	BID	id:	81937
db:	CNNVD	id:	CNNVD-200607-126
db:	NVD	id:	CVE-2006-3470

LAST UPDATE DATE

2024-08-14T14:08:28.223000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#577729	date:	2006-07-21T00:00:00
db:	VULHUB	id:	VHN-19578	date:	2017-07-20T00:00:00
db:	BID	id:	81937	date:	2006-07-10T00:00:00
db:	CNNVD	id:	CNNVD-200607-126	date:	2006-07-12T00:00:00
db:	NVD	id:	CVE-2006-3470	date:	2017-07-20T01:32:19.927

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#577729	date:	2006-07-07T00:00:00
db:	VULHUB	id:	VHN-19578	date:	2006-07-10T00:00:00
db:	BID	id:	81937	date:	2006-07-10T00:00:00
db:	CNNVD	id:	CNNVD-200607-126	date:	2006-07-10T00:00:00
db:	NVD	id:	CVE-2006-3470	date:	2006-07-10T19:05:00