Lucene search

[email protected]CVE-2006-1161

HistoryMar 12, 2006 - 9:02 p.m.

CVE-2006-1161

2006-03-1221:02:00

[email protected]

web.nvd.nist.gov

cve-2006-1161

easy file sharing

efs web server

remote code execution

path traversal

windows startup folder

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.7%

JSON

Absolute path traversal vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder.

Affected configurations

NVD

Node

efs_softwareefs_web_serverMatch3.2

CPENameOperatorVersion
efs_software:efs_web_serverefs software efs web servereq3.2

CPE	Name	Operator	Version
efs_software:efs_web_server	efs software efs web server	eq	3.2

References

www.osvdb.org/23791

www.securityfocus.com/archive/1/427158/100/0/threaded

www.securityfocus.com/bid/17046

exchange.xforce.ibmcloud.com/vulnerabilities/39994

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.7%

JSON

Related for CVE-2006-1161

cvelist1 prion1 nvd1 nessus1