Lucene search

[email protected]CVE-2006-5668

HistoryNov 03, 2006 - 1:07 a.m.

CVE-2006-5668

2006-11-0301:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

ampache

vulnerability

remote attackers

security restrictions

guest access

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

90.0%

JSON

Unspecified vulnerability in Ampache 3.3.2 and earlier, when register_globals is enabled, allows remote attackers to bypass security restrictions and gain guest access.

CPENameOperatorVersion
ampache:ampacheampacheeq3.2
ampache:ampacheampacheeq3.3.2
ampache:ampacheampacheeq3.2.3
ampache:ampacheampacheeq3.3
ampache:ampacheampacheeq3.2.2
ampache:ampacheampacheeq3.3.1
ampache:ampacheampacheeq3.2.1
ampache:ampacheampacheeq3.3.1.2
ampache:ampacheampacheeq3.2.4

CPE	Name	Operator	Version
ampache:ampache	ampache	eq	3.2
ampache:ampache	ampache	eq	3.3.2
ampache:ampache	ampache	eq	3.2.3
ampache:ampache	ampache	eq	3.3
ampache:ampache	ampache	eq	3.2.2
ampache:ampache	ampache	eq	3.3.1
ampache:ampache	ampache	eq	3.2.1
ampache:ampache	ampache	eq	3.3.1.2
ampache:ampache	ampache	eq	3.2.4

References

secunia.com/advisories/22842

www.securityfocus.com/bid/20798

www.vupen.com/english/advisories/2006/4236

exchange.xforce.ibmcloud.com/vulnerabilities/29892

svn.ampache.org/branches/3.3.2/docs/CHANGELOG

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

90.0%

JSON

Related for CVE-2006-5668

cvelist1