{"api_version":"1","generated_at":"2026-04-23T16:34:16+00:00","cve":"CVE-2006-0126","urls":{"html":"https://cve.report/CVE-2006-0126","api":"https://cve.report/api/cve/CVE-2006-0126.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2006-0126","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2006-0126"},"summary":{"title":"CVE-2006-0126","description":"rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices.","state":"PUBLISHED","assigner":"mitre","published_at":"2006-01-09 11:03:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.6","severity":"","vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://www.osvdb.org/22223","name":"http://www.osvdb.org/22223","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://secunia.com/advisories/18301","name":"http://secunia.com/advisories/18301","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Secunia - Advisories - rxvt-unicode TTY Device Insecure Permissions Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2006/0052","name":"http://www.vupen.com/english/advisories/2006/0052","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://dist.schmorp.de/rxvt-unicode/Changes","name":"http://dist.schmorp.de/rxvt-unicode/Changes","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2006-0126","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-0126","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2006","cve_id":"126","vulnerable":"1","versionEndIncluding":"6.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"rxvt-unicode","cpe5":"rxvt-unicode","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T16:25:33.396Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"22223","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/22223"},{"name":"18301","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/18301"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://dist.schmorp.de/rxvt-unicode/Changes"},{"name":"ADV-2006-0052","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/0052"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2006-01-04T00:00:00.000Z","descriptions":[{"lang":"en","value":"rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2009-02-26T10:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"22223","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/22223"},{"name":"18301","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/18301"},{"tags":["x_refsource_CONFIRM"],"url":"http://dist.schmorp.de/rxvt-unicode/Changes"},{"name":"ADV-2006-0052","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/0052"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2006-0126","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"22223","refsource":"OSVDB","url":"http://www.osvdb.org/22223"},{"name":"18301","refsource":"SECUNIA","url":"http://secunia.com/advisories/18301"},{"name":"http://dist.schmorp.de/rxvt-unicode/Changes","refsource":"CONFIRM","url":"http://dist.schmorp.de/rxvt-unicode/Changes"},{"name":"ADV-2006-0052","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/0052"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2006-0126","datePublished":"2006-01-09T11:00:00.000Z","dateReserved":"2006-01-09T00:00:00.000Z","dateUpdated":"2024-08-07T16:25:33.396Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2006-01-09 11:03:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":true,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rxvt-unicode:rxvt-unicode:*:*:*:*:*:*:*:*","versionEndIncluding":"6.2","matchCriteriaId":"0312B278-4744-45C7-8C3E-143E9A3BE437"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2006","CveId":"126","Ordinal":"1","Title":"CVE-2006-0126","CVE":"CVE-2006-0126","Year":"2006"},"notes":[{"CveYear":"2006","CveId":"126","Ordinal":"1","NoteData":"rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices.","Type":"Description","Title":"CVE-2006-0126"},{"CveYear":"2006","CveId":"126","Ordinal":"2","NoteData":"2006-01-09","Type":"Other","Title":"Published"},{"CveYear":"2006","CveId":"126","Ordinal":"3","NoteData":"2009-02-26","Type":"Other","Title":"Modified"}]}}}