Lucene search

K
cve[email protected]CVE-2006-6598
HistoryDec 15, 2006 - 10:28 p.m.

CVE-2006-6598

2006-12-1522:28:00
web.nvd.nist.gov
24
cve-2006-6598
directory traversal
viewnfo.php
torrentflux
torrentflux-b4rt

6.2 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

68.2%

Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via … (dot dot) sequences in the path parameter, a different vector than CVE-2006-6328.

Affected configurations

NVD
Node
torrentfluxtorrentfluxRange2.2
OR
torrentfluxtorrentflux-b4rtRange2.1_b4rt971
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt3
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt4
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt5
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt6
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt7
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt8
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt9
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt61
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt81
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt82
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt83
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt84
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt85
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt91
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt92
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt93
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt94
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt95
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt96
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt97
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt801
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt802
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt951
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt952
OR
torrentfluxtorrentflux-b4rtMatch2.1_b4rt953

6.2 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

68.2%

Related for CVE-2006-6598