Lucene search

[email protected]CVE-2006-0864

HistoryFeb 23, 2006 - 11:02 p.m.

CVE-2006-0864

2006-02-2323:02:00

[email protected]

web.nvd.nist.gov

global hauri

virobot

2.0

20050817

filescan

cve-2006-0864

vulnerability

security

nvd

7.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.018 Low

EPSS

Percentile

88.3%

JSON

filescan in Global Hauri ViRobot 2.0 20050817 does not verify the Cookie HTTP header, which allows remote attackers to gain administrative privileges via an arbitrary cookie value.

Affected configurations

NVD

Node

haurivirobotMatch2.0_2005-08-17

CPENameOperatorVersion
hauri:virobothauri viroboteq2.0_2005-08-17

CPE	Name	Operator	Version
hauri:virobot	hauri virobot	eq	2.0_2005-08-17

References

secunia.com/advisories/18974

securitytracker.com/id?1015658

www.securityfocus.com/archive/1/425788/100/0/threaded

www.securityfocus.com/bid/16768

www.vupen.com/english/advisories/2006/0691

x82.inetcop.org/h0me/adv1sor1es/INCSA.2006-0x82-028-VIROBOT.txt

exchange.xforce.ibmcloud.com/vulnerabilities/24850

7.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.018 Low

EPSS

Percentile

88.3%

JSON

Related for CVE-2006-0864

nessus1 prion1 cvelist1 nvd1