Lucene search

[email protected]CVE-2006-4679

HistorySep 11, 2006 - 5:04 p.m.

CVE-2006-4679

2006-09-1117:04:00

[email protected]

web.nvd.nist.gov

cve-2006-4679

dokuwiki

security vulnerability

debug feature

information disclosure

remote attack

5.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.6%

JSON

DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to “debug”.

Affected configurations

NVD

Node

andreas_gohrdokuwikiRange≤release_2006-03-09

andreas_gohrdokuwikiMatchrelease_2004-07-04

andreas_gohrdokuwikiMatchrelease_2004-07-07

andreas_gohrdokuwikiMatchrelease_2004-07-12

andreas_gohrdokuwikiMatchrelease_2004-07-21

andreas_gohrdokuwikiMatchrelease_2004-07-25

andreas_gohrdokuwikiMatchrelease_2004-08-08

andreas_gohrdokuwikiMatchrelease_2004-08-15a

andreas_gohrdokuwikiMatchrelease_2004-08-22

andreas_gohrdokuwikiMatchrelease_2004-09-12

andreas_gohrdokuwikiMatchrelease_2004-09-25

andreas_gohrdokuwikiMatchrelease_2004-09-30

andreas_gohrdokuwikiMatchrelease_2004-10-19

andreas_gohrdokuwikiMatchrelease_2004-11-01

andreas_gohrdokuwikiMatchrelease_2004-11-02

andreas_gohrdokuwikiMatchrelease_2004-11-10

andreas_gohrdokuwikiMatchrelease_2005-01-14

andreas_gohrdokuwikiMatchrelease_2005-01-15

andreas_gohrdokuwikiMatchrelease_2005-01-16a

andreas_gohrdokuwikiMatchrelease_2005-02-06

andreas_gohrdokuwikiMatchrelease_2005-02-18

andreas_gohrdokuwikiMatchrelease_2005-05-07

andreas_gohrdokuwikiMatchrelease_2005-07-01

andreas_gohrdokuwikiMatchrelease_2005-07-13

andreas_gohrdokuwikiMatchrelease_2005-09-19

andreas_gohrdokuwikiMatchrelease_2005-09-22

andreas_gohrdokuwikiMatchrelease_2006-03-05

CPENameOperatorVersion
andreas_gohr:dokuwikiandreas gohr dokuwikilerelease_2006-03-09
andreas_gohr:dokuwikiandreas gohr dokuwikieqrelease_2004-07-04
andreas_gohr:dokuwikiandreas gohr dokuwikieqrelease_2004-07-07
andreas_gohr:dokuwikiandreas gohr dokuwikieqrelease_2004-07-12
andreas_gohr:dokuwikiandreas gohr dokuwikieqrelease_2004-07-21
andreas_gohr:dokuwikiandreas gohr dokuwikieqrelease_2004-07-25
andreas_gohr:dokuwikiandreas gohr dokuwikieqrelease_2004-08-08
andreas_gohr:dokuwikiandreas gohr dokuwikieqrelease_2004-08-15a
andreas_gohr:dokuwikiandreas gohr dokuwikieqrelease_2004-08-22
andreas_gohr:dokuwikiandreas gohr dokuwikieqrelease_2004-09-12

CPE	Name	Operator	Version
andreas_gohr:dokuwiki	andreas gohr dokuwiki	le	release_2006-03-09
andreas_gohr:dokuwiki	andreas gohr dokuwiki	eq	release_2004-07-04
andreas_gohr:dokuwiki	andreas gohr dokuwiki	eq	release_2004-07-07
andreas_gohr:dokuwiki	andreas gohr dokuwiki	eq	release_2004-07-12
andreas_gohr:dokuwiki	andreas gohr dokuwiki	eq	release_2004-07-21
andreas_gohr:dokuwiki	andreas gohr dokuwiki	eq	release_2004-07-25
andreas_gohr:dokuwiki	andreas gohr dokuwiki	eq	release_2004-08-08
andreas_gohr:dokuwiki	andreas gohr dokuwiki	eq	release_2004-08-15a
andreas_gohr:dokuwiki	andreas gohr dokuwiki	eq	release_2004-08-22
andreas_gohr:dokuwiki	andreas gohr dokuwiki	eq	release_2004-09-12