Lucene search
HistoryAug 07, 2006 - 7:04 p.m.
CVE-2006-4003
cve-2006-4003
information security
remote attack
henrik storner hobbit monitor
access control
vulnerability
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.8%
The config method in Henrik Storner Hobbit monitor before 4.1.2p2 permits access to files outside of the intended configuration directory, which allows remote attackers to obtain sensitive information via requests to the hobbitd daemon on port 1984/tcp.
Affected configurations
Node
hobbit_monitorhobbit_monitorRange≤4.1.2_p1
ORhobbit_monitorhobbit_monitorMatch4.0
ORhobbit_monitorhobbit_monitorMatch4.1
Related
nvd
nvd
CVE-2006-4003
2006-08-07 19:04:00
cvelist
cvelist
CVE-2006-4003
2006-08-07 19:00:00
nessus
nessus
Hobbit Monitor config Method Traversal Arbitrary File Access
2006-08-08 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.8%
Related for CVE-2006-4003