Lucene search

[email protected]CVE-2006-3147

HistoryJun 22, 2006 - 10:06 p.m.

CVE-2006-3147

2006-06-2222:06:00

[email protected]

web.nvd.nist.gov

cve-2006-3147

hosting controller

vulnerability

remote attackers

admin privileges

resellers

passwords

6.4 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.036 Low

EPSS

Percentile

91.6%

JSON

Unspecified vulnerability in Hosting Controller before 6.1 (aka Hotfix 3.2) allows remote authenticated attackers to gain host admin privileges, list all resellers, or change resellers’ passwords via unspecified vectors. NOTE: due to the lack of precise details, it is not clear whether this is related to a previously disclosed issue such as CVE-2005-1788.

Affected configurations

NVD

Node

hosting_controllerhosting_controllerMatch6.1

hosting_controllerhosting_controllerMatch6.1_hotfix_1.4

hosting_controllerhosting_controllerMatch6.1_hotfix_1.7

hosting_controllerhosting_controllerMatch6.1_hotfix_1.9

hosting_controllerhosting_controllerMatch6.1_hotfix_2.0

hosting_controllerhosting_controllerMatch6.1_hotfix_2.1

hosting_controllerhosting_controllerMatch6.1_hotfix_2.3

hosting_controllerhosting_controllerMatch6.1_hotfix_2.8

hosting_controllerhosting_controllerMatch6.1_hotfix_2.9

CPENameOperatorVersion
hosting_controller:hosting_controllerhosting controllereq6.1
hosting_controller:hosting_controllerhosting controllereq6.1_hotfix_1.4
hosting_controller:hosting_controllerhosting controllereq6.1_hotfix_1.7
hosting_controller:hosting_controllerhosting controllereq6.1_hotfix_1.9
hosting_controller:hosting_controllerhosting controllereq6.1_hotfix_2.0
hosting_controller:hosting_controllerhosting controllereq6.1_hotfix_2.1
hosting_controller:hosting_controllerhosting controllereq6.1_hotfix_2.3
hosting_controller:hosting_controllerhosting controllereq6.1_hotfix_2.8
hosting_controller:hosting_controllerhosting controllereq6.1_hotfix_2.9

CPE	Name	Operator	Version
hosting_controller:hosting_controller	hosting controller	eq	6.1
hosting_controller:hosting_controller	hosting controller	eq	6.1_hotfix_1.4
hosting_controller:hosting_controller	hosting controller	eq	6.1_hotfix_1.7
hosting_controller:hosting_controller	hosting controller	eq	6.1_hotfix_1.9
hosting_controller:hosting_controller	hosting controller	eq	6.1_hotfix_2.0
hosting_controller:hosting_controller	hosting controller	eq	6.1_hotfix_2.1
hosting_controller:hosting_controller	hosting controller	eq	6.1_hotfix_2.3
hosting_controller:hosting_controller	hosting controller	eq	6.1_hotfix_2.8
hosting_controller:hosting_controller	hosting controller	eq	6.1_hotfix_2.9

References

hostingcontroller.com/english/logs/hotfixlogv61_3_2.html

secunia.com/advisories/20743

securitytracker.com/id?1016444

www.osvdb.org/26693

www.securityfocus.com/bid/18565

www.vupen.com/english/advisories/2006/2459

exchange.xforce.ibmcloud.com/vulnerabilities/27340

6.4 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.036 Low

EPSS

Percentile

91.6%

JSON

Related for CVE-2006-3147

nvd2 cvelist2 nessus2 cve1