Unrated severityNVD Advisory· Published Aug 29, 2006· Updated Jun 16, 2026

CVE-2006-4439

Description

pkgadd in Sun Solaris 10 before 20060825 installs files with insecure file and directory permissions (755 or 777) if the pkgmap file contains a "?" (question mark) in the mode field, which allows local users to modify arbitrary files or directories, a different vulnerability than CVE-2002-1871.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Sun Corporation/Solaris
cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
Sun Corporation/Solaris 10llm-fuzzy
Range: <20060825

Patches

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

secunia.com/advisories/21633nvdPatchVendor Advisory
sunsolve.sun.com/search/document.donvdVendor Advisory
secunia.com/advisories/22992nvd
support.avaya.com/elmodocs2/security/ASA-2006-205.htmnvd
support.avaya.com/elmodocs2/security/ASA-2006-250.htmnvd
www.osvdb.org/28203nvd
www.securityfocus.com/bid/19730nvd
www.vupen.com/english/advisories/2006/3397nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2010nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000