Lucene search

[email protected]CVE-2006-4013

HistoryAug 07, 2006 - 7:04 p.m.

CVE-2006-4013

2006-08-0719:04:00

CWE-22

[email protected]

web.nvd.nist.gov

symantec brightmail antispam

sbas

directory traversal

vulnerability

remote attackers

file read

file overwrite

nvd

7 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.213 Low

EPSS

Percentile

96.4%

JSON

Multiple directory traversal vulnerabilities in Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control Center is allowed to connect from any computer, allow remote attackers to read and overwrite certain files via directory traversal sequences in (1) DATABLOB-GET and (2) DATABLOB-SAVE requests.

CPENameOperatorVersion
symantec:brightmail_antispamsymantec brightmail antispameq6.0
symantec:brightmail_antispamsymantec brightmail antispameq5.5
symantec:brightmail_antispamsymantec brightmail antispameq4.0
symantec:brightmail_antispamsymantec brightmail antispameq6.0.1

CPE	Name	Operator	Version
symantec:brightmail_antispam	symantec brightmail antispam	eq	6.0
symantec:brightmail_antispam	symantec brightmail antispam	eq	5.5
symantec:brightmail_antispam	symantec brightmail antispam	eq	4.0
symantec:brightmail_antispam	symantec brightmail antispam	eq	6.0.1

References

secunia.com/advisories/21223

securityresponse.symantec.com/avcenter/security/Content/2006.07.27.html

securitytracker.com/id?1016600

www.osvdb.org/27589

www.osvdb.org/27590

www.securityfocus.com/bid/19182

www.vupen.com/english/advisories/2006/3018

exchange.xforce.ibmcloud.com/vulnerabilities/28058

exchange.xforce.ibmcloud.com/vulnerabilities/28059

7 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.213 Low

EPSS

Percentile

96.4%

JSON

Related for CVE-2006-4013

nessus1