Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2006-4246
HistorySep 19, 2006 - 6:07 p.m.

CVE-2006-4246

2006-09-1918:07:00
[email protected]
web.nvd.nist.gov
24
usermin
remote attack
file read
vulnerability
cve-2006-4246
nvd

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.2%

JSON

Usermin before 1.220 (20060629) allows remote attackers to read arbitrary files, possibly related to chfn/save.cgi not properly handling an empty shell parameter, which results in changing root’s shell instead of the shell of a specified user.

Affected configurations

NVD
Node
userminuserminRange1.210
OR
userminuserminMatch0.4
OR
userminuserminMatch0.5
OR
userminuserminMatch0.6
OR
userminuserminMatch0.7
OR
userminuserminMatch0.8
OR
userminuserminMatch0.9
OR
userminuserminMatch0.91
OR
userminuserminMatch0.92
OR
userminuserminMatch0.93
OR
userminuserminMatch0.94
OR
userminuserminMatch0.95
OR
userminuserminMatch0.96
OR
userminuserminMatch0.97
OR
userminuserminMatch0.98
OR
userminuserminMatch0.99
OR
userminuserminMatch1.000
OR
userminuserminMatch1.010
OR
userminuserminMatch1.020
OR
userminuserminMatch1.030
OR
userminuserminMatch1.040
OR
userminuserminMatch1.051
OR
userminuserminMatch1.060
OR
userminuserminMatch1.070
OR
userminuserminMatch1.080
OR
userminuserminMatch1.090
OR
userminuserminMatch1.100
OR
userminuserminMatch1.110
OR
userminuserminMatch1.120
OR
userminuserminMatch1.130
OR
userminuserminMatch1.140
OR
userminuserminMatch1.150

Related

openvas 2
ubuntucve 1
nessus 1
debian 1
cvelist 1
nvd 1
openvas
openvas
Debian: Security Advisory (DSA-1177-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1177-1 (usermin)
2008-01-17 00:00:00
ubuntucve
ubuntucve
CVE-2006-4246
2006-09-19 00:00:00
nessus
nessus
Debian DSA-1177-1 : usermin - programming error
2006-10-14 00:00:00
debian
debian
[SECURITY] [DSA 1177-1] New usermin packages fix denial of service
2006-09-15 15:31:25
cvelist
cvelist
CVE-2006-4246
2006-09-19 18:00:00
nvd
nvd
CVE-2006-4246
2006-09-19 18:07:00

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.2%

JSON
Related for CVE-2006-4246
openvas2ubuntucve1nessus1debian1cvelist1nvd1