Vulnerability Description
The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection."
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netiq | Identity Manager | 3.0.1 |
References
- http://secunia.com/advisories/21888Vendor Advisory
- http://securitytracker.com/id?1016853Third Party AdvisoryVDB Entry
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974421.htmPatch
- http://www.securityfocus.com/bid/20016PatchThird Party AdvisoryVDB Entry
- http://www.vupen.com/english/advisories/2006/3607Third Party Advisory
- http://secunia.com/advisories/21888Vendor Advisory
- http://securitytracker.com/id?1016853Third Party AdvisoryVDB Entry
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974421.htmPatch
- http://www.securityfocus.com/bid/20016PatchThird Party AdvisoryVDB Entry
- http://www.vupen.com/english/advisories/2006/3607Third Party Advisory
FAQ
What is CVE-2006-4803?
CVE-2006-4803 is a vulnerability with a CVSS score of 7.2 (HIGH). The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and ...
How severe is CVE-2006-4803?
CVE-2006-4803 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4803?
Check the references section above for vendor advisories and patch information. Affected products include: Netiq Identity Manager.