CVE-2006-5556

Published: Oct 27, 2006Modified: Apr 23, 2026

4.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 3.9 / Impact: 6.4

Source: NVD

Description

Buffer overflow in the localtime_r function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable.

Affected (3)

Products: Hp: Hp Ux

1 product

Hp Ux

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Hp Hp Ux	Version 11.00
Hp Hp Ux	Version 11.11
Hp Hp Ux	Version 11.4

References (8)

http://blogs.23.nu/prdelka/stories/13144/

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/20718

Source: cve@mitre.org

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/29777

Source: cve@mitre.org

https://www.exploit-db.com/exploits/2636

Source: cve@mitre.org

http://blogs.23.nu/prdelka/stories/13144/

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securityfocus.com/bid/20718

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/29777

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/2636

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.