Unrated severityNVD Advisory· Published Dec 5, 2006· Updated Apr 23, 2026

CVE-2006-6306

Description

Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window.

Affected products

Novell/Client2 versions
cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*
- cpe:2.3:a:novell:client:4.91:sp3:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.grok.org.uk/pipermail/full-disclosure/2006-December/051038.htmlnvdVendor Advisory
www.layereddefense.com/Novell01DEC.htmlnvdVendor Advisory
secunia.com/advisories/23363nvd
securityreason.com/securityalert/1970nvd
securitytracker.com/idnvd
support.novell.com/cgi-bin/search/searchtid.cginvd
support.novell.com/cgi-bin/search/searchtid.cginvd
www.securityfocus.com/archive/1/453176/100/0/threadednvd
www.vupen.com/english/advisories/2006/4987nvd
exchange.xforce.ibmcloud.com/vulnerabilities/30644nvd
secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000