Lucene search

FlexeraCVE-2006-5966

HistoryNov 17, 2006 - 10:07 p.m.

CVE-2006-5966

2006-11-1722:07:00

CWE-399

flexera

web.nvd.nist.gov

cve-2006-5966

panda activescan

remote attackers

system reboot

file existence

security vulnerability.

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

7.2

Confidence

Low

EPSS

0.03

Percentile

91.0%

JSON

Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to (1) reboot the system using the Reinicializar method in the ActiveScan.1 ActiveX control, or (2) determine arbitrary file existence and size via the ObtenerTamano method in the PAVPZ.SOS.1 ActiveX control.

Affected configurations

Nvd

Node

pandaactivescanMatch5.0

pandaactivescanMatch5.53.00

VendorProductVersionCPE
pandaactivescan5.0cpe:2.3:a:panda:activescan:5.0:*:*:*:*:*:*:*
pandaactivescan5.53.00cpe:2.3:a:panda:activescan:5.53.00:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
panda	activescan	5.0	cpe:2.3:a:panda:activescan:5.0:::::::*
panda	activescan	5.53.00	cpe:2.3:a:panda:activescan:5.53.00:::::::*

References

secunia.com/advisories/21763

secunia.com/secunia_research/2006-64/advisory/

www.securityfocus.com/archive/1/451864/100/0/threaded

www.securityfocus.com/bid/21132

www.vupen.com/english/advisories/2006/4536

exchange.xforce.ibmcloud.com/vulnerabilities/30317

exchange.xforce.ibmcloud.com/vulnerabilities/30318

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

7.2

Confidence

Low

EPSS

0.03

Percentile

91.0%

JSON

Related for CVE-2006-5966