Vulnerability Database

290,206

Total vulnerabilities in the database

CVE-2006-6652

Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.

  • Published: Dec 20, 2006
  • Updated: Apr 13, 2023
  • CVE: CVE-2006-6652
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 9
  • AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

Software From Fixed in
apple / mac_os_x 10.4.3 10.4.3.x
apple / mac_os_x 10.2.5 10.2.5.x
apple / mac_os_x 10.2.7 10.2.7.x
apple / mac_os_x 10.0.2 10.0.2.x
apple / mac_os_x 10.2.8 10.2.8.x
apple / mac_os_x 10.2.1 10.2.1.x
apple / mac_os_x 10.3.1 10.3.1.x
apple / mac_os_x 10.3.5 10.3.5.x
apple / mac_os_x 10.4.1 10.4.1.x
apple / mac_os_x 10.1 10.1.x
apple / mac_os_x 10.0.1 10.0.1.x
apple / mac_os_x 10.4.10 10.4.10.x
apple / mac_os_x 10.0.3 10.0.3.x
apple / mac_os_x 10.4.9 10.4.9.x
apple / mac_os_x 10.1.4 10.1.4.x
apple / mac_os_x 10.2.4 10.2.4.x
apple / mac_os_x 10.4.7 10.4.7.x
apple / mac_os_x 10.4.4 10.4.4.x
apple / mac_os_x 10.3.2 10.3.2.x
apple / mac_os_x 10.2.2 10.2.2.x
apple / mac_os_x 10.0 10.0.x
apple / mac_os_x 10.3.7 10.3.7.x
apple / mac_os_x 10.1.3 10.1.3.x
apple / mac_os_x 10.3.6 10.3.6.x
apple / mac_os_x 10.1.5 10.1.5.x
apple / mac_os_x 10.4 10.4.x
apple / mac_os_x 10.4.6 10.4.6.x
apple / mac_os_x 10.3.8 10.3.8.x
apple / mac_os_x 10.1.1 10.1.1.x
apple / mac_os_x 10.4.5 10.4.5.x
apple / mac_os_x 10.3.9 10.3.9.x
apple / mac_os_x 10.3.4 10.3.4.x
apple / mac_os_x 10.4.8 10.4.8.x
apple / mac_os_x 10.3.3 10.3.3.x
apple / mac_os_x 10.2.6 10.2.6.x
apple / mac_os_x 10.2.3 10.2.3.x
apple / mac_os_x 10.2 10.2.x
apple / mac_os_x 10.4.2 10.4.2.x
apple / mac_os_x 10.3 10.3.x
apple / mac_os_x 10.0.4 10.0.4.x
apple / mac_os_x 10.1.2 10.1.2.x
netbsd / netbsd 2.1 2.1.x
netbsd / netbsd 3.1 3.1.x
netbsd / netbsd 3.0 3.0.x
netbsd / netbsd 2.0 2.0.x