Search...

CVE-2006-2830

2006-06-05T16:06:00

ID CVE-2006-2830
Type cve
Reporter NVD
Modified 2017-07-19T21:31:48

Description

Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk before 4.6.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the HTTP administrative interface.

JSON Vulners Source

Initial Source

{"id": "CVE-2006-2830", "bulletinFamily": "NVD", "title": "CVE-2006-2830", "description": "Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk before 4.6.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the HTTP administrative interface.", "published": "2006-06-05T16:06:00", "modified": "2017-07-19T21:31:48", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2830", "reporter": "NVD", "references": ["http://www.kb.cert.org/vuls/id/999884", "http://www.vupen.com/english/advisories/2006/2155", "https://exchange.xforce.ibmcloud.com/vulnerabilities/26939", "http://securitytracker.com/id?1016145", "http://www.tibco.com/resources/mk/rendezvous_security_advisory.txt", "http://www.securityfocus.com/bid/18301"], "cvelist": ["CVE-2006-2830"], "type": "cve", "lastseen": "2017-07-20T10:49:20", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:tibco:rendezvous:7.5.1", "cpe:/a:tibco:runtime_agent:5.3", "cpe:/a:tibco:hawk:4.6.1"], "cvelist": ["CVE-2006-2830"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk before 4.6.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the HTTP administrative interface.", "edition": 1, "enchantments": {}, "hash": "00d371fefe1b945a74f25a07ba5a8b26bdcf2e9bb2d328208763dec6bb9bfc54", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "3de444f75c54780729f71219aa7d16b8", "key": "published"}, {"hash": "59b1e08953735c754d550e5b699af15f", "key": "cpe"}, {"hash": "7b1162746306810b2c94ba2d5966521d", "key": "cvelist"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "dd77bb8cb7618ee4d2f4e17b9c653b0f", "key": "modified"}, {"hash": "ce690d9eace60c1098d8536ae23beae4", "key": "title"}, {"hash": "e58cd406a11eb1bbc6e847f6c7fb56c7", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "e6718cbd675a94cc147e25f53c80eecc", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5dc2537ff0a74c4bdacf7193e4d40ed2", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2830", "id": "CVE-2006-2830", "lastseen": "2016-09-03T07:03:14", "modified": "2011-03-07T21:37:05", "objectVersion": "1.2", "published": "2006-06-05T16:06:00", "references": ["http://www.kb.cert.org/vuls/id/999884", "http://www.vupen.com/english/advisories/2006/2155", "http://securitytracker.com/id?1016145", "http://xforce.iss.net/xforce/xfdb/26939", "http://www.tibco.com/resources/mk/rendezvous_security_advisory.txt", "http://www.securityfocus.com/bid/18301"], "reporter": "NVD", "scanner": [], "title": "CVE-2006-2830", "type": "cve", "viewCount": 1}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T07:03:14"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "59b1e08953735c754d550e5b699af15f"}, {"key": "cvelist", "hash": "7b1162746306810b2c94ba2d5966521d"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "e6718cbd675a94cc147e25f53c80eecc"}, {"key": "href", "hash": "5dc2537ff0a74c4bdacf7193e4d40ed2"}, {"key": "modified", "hash": "4de397950a5d8a6ca9a1148bca89cf2a"}, {"key": "published", "hash": "3de444f75c54780729f71219aa7d16b8"}, {"key": "references", "hash": "1e9e23bbf4bf391d29821af1ce08363a"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "ce690d9eace60c1098d8536ae23beae4"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "57e4143d10303f7aeb0a7efdd5befc6a7ecf7466d3e0313b63f6c8f3100f51e6", "viewCount": 2, "enchantments": {"vulnersScore": 7.5}, "objectVersion": "1.3", "cpe": ["cpe:/a:tibco:rendezvous:7.5.1", "cpe:/a:tibco:runtime_agent:5.3", "cpe:/a:tibco:hawk:4.6.1"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}

{"result": {"nessus": [{"id": "RENDEZVOUS_751.NASL", "type": "nessus", "title": "Rendezvous < 7.5.1 HTTP Admin Interface Remote Overflow", "description": "The remote host appears to be running Rendezvous, a commercial messaging software product used for building distributed applications\n\nAccording to its banner, several of the components in the version of Rendezvous installed on the remote host contain a buffer overflow vulnerability in the HTTP administrative interface that may allow arbitrary code execution subject to the privileges of the user that invoked the daemon, or 'nobody' in the case the remote system is 'unix' and the invoking user was 'root'.", "published": "2006-06-10T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=21677", "cvelist": ["CVE-2006-2830"], "lastseen": "2016-09-26T17:24:22"}], "osvdb": [{"id": "OSVDB:26155", "type": "osvdb", "title": "TIBCO Multiple Product HTTP Administrative Interface Overflow", "description": "## Solution Description\nUpgrade to version 7.5.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\n[Secunia Advisory ID:20452](https://secuniaresearch.flexerasoftware.com/advisories/20452/)\nOther Advisory URL: http://www.tibco.com/resources/mk/rendezvous_security_advisory.txt\nFrSIRT Advisory: ADV-2006-2155\n[CVE-2006-2830](https://vulners.com/cve/CVE-2006-2830)\nBugtraq ID: 18301\n", "published": "2006-06-05T08:04:37", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:26155", "cvelist": ["CVE-2006-2830"], "lastseen": "2017-04-28T13:20:22"}], "openvas": [{"id": "OPENVAS:830107", "type": "openvas", "title": "Mandriva Update for madwifi-source MDKSA-2007:132 (madwifi-source)", "description": "Check for the Version of madwifi-source", "published": "2009-04-09T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=830107", "cvelist": ["CVE-2006-2831", "CVE-2007-2831", "CVE-2007-2829", "CVE-2007-2830", "CVE-2006-2830"], "lastseen": "2017-07-24T12:56:23"}, {"id": "OPENVAS:1361412562310830107", "type": "openvas", "title": "Mandriva Update for madwifi-source MDKSA-2007:132 (madwifi-source)", "description": "Check for the Version of madwifi-source", "published": "2009-04-09T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830107", "cvelist": ["CVE-2006-2831", "CVE-2007-2831", "CVE-2007-2829", "CVE-2007-2830", "CVE-2006-2830"], "lastseen": "2018-04-09T11:39:28"}]}}