CVE-2006-2655

The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions.

Published: Jun 2, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-2655
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
freebsd / freebsd	5.4-releng	5.4-releng.x
freebsd / freebsd	6.1	6.1.x
freebsd / freebsd	5.3-release	5.3-release.x
freebsd / freebsd	5.4	5.4.x
freebsd / freebsd	6.1-stable	6.1-stable.x
freebsd / freebsd	5.3	5.3.x
freebsd / freebsd	6.1-release	6.1-release.x
freebsd / freebsd	6.0	6.0.x
freebsd / freebsd	5.4-stable	5.4-stable.x
freebsd / freebsd	5.4-pre-release	5.4-pre-release.x
freebsd / freebsd	6.0-release	6.0-release.x
freebsd / freebsd	5.4-release	5.4-release.x
freebsd / freebsd	6.0-stable	6.0-stable.x
freebsd / freebsd	5.3-stable	5.3-stable.x
freebsd / freebsd	5.3-releng	5.3-releng.x

Vulnerability Database

290,476

CVE-2006-2655