CVE-2006-5851

OpenBase SQL < 10.0.1 - Arbitrary File Creation via Symlink Attack on /tmp/output

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5851. PoCs published by Kevin Finisterre.

AI-analyzed exploit summary This exploit leverages a symlink vulnerability in OpenBase 10.0.0 to create a world-writable root crontab file, allowing arbitrary command execution as root. It compiles a trojan binary and schedules it via cron for privilege escalation.

Description

openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Kevin Finisterre · perllocalosx
https://www.exploit-db.com/exploits/2737

This exploit leverages a symlink vulnerability in OpenBase 10.0.0 to create a world-writable root crontab file, allowing arbitrary command execution as root. It compiles a trojan binary and schedules it via cron for privilege escalation.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: OpenBase 10.0.0
No auth needed
Prerequisites: OpenBase 10.0.0 installed · Access to the target system · Cron service running
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22742
Mailing List mailing-list x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=116296717330758&w=2
Not Applicable vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4404
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/2737

Scores

EPSS 0.0074
EPSS Percentile 49.6%

Details

CWE
CWE-59
Status published
Products (4)
openbase_international_ltd/openbase 7.0.15
openbase_international_ltd/openbase 8.0.4
openbase_international_ltd/openbase 9.1.5
openbase_international_ltd/openbase 10.0
Published Nov 10, 2006
Tracked Since Feb 18, 2026