Lucene search

[email protected]CVE-2006-0843

HistoryFeb 22, 2006 - 2:02 a.m.

CVE-2006-0843

2006-02-2202:02:00

[email protected]

web.nvd.nist.gov

information security

leif m. wright's blog 3.5

access control

cve-2006-0843

nvd

6.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.01 Low

EPSS

Percentile

83.5%

JSON

Leif M. Wright’s Blog 3.5 stores the config file and other txt files under the web root with insufficient access control, which allows remote attackers to read the administrator’s password.

Affected configurations

NVD

Node

leif_m._wrightweb_blogMatch3.5

CPENameOperatorVersion
leif_m._wright:web_blogleif m. wright web blogeq3.5

CPE	Name	Operator	Version
leif_m._wright:web_blog	leif m. wright web blog	eq	3.5

References

secunia.com/advisories/18923

securityreason.com/securityalert/522

www.evuln.com/vulns/82/summary.html

www.securityfocus.com/bid/16712

exchange.xforce.ibmcloud.com/vulnerabilities/24752

6.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.01 Low

EPSS

Percentile

83.5%

JSON

Related for CVE-2006-0843

prion1 cvelist1 nvd1 securityvulns1 packetstorm1