Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDB0D61F73-0E11-11DB-A47B-000C2957FDF1
HistoryJul 06, 2006 - 12:00 a.m.

trac -- reStructuredText breach of privacy and denial of service vulnerability

2006-07-0600:00:00
vuxml.freebsd.org
10

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.05 Low

EPSS

Percentile

92.8%

JSON

The Trac 0.9.6 Release Notes reports:

Fixed reStructuredText breach of privacy and denial of
service vulnerability found by Felix Wiemann.
The discovered vulnerability requires docutils to be
installed and enabled. Systems that do not have docutils
installed or enabled are not vulnerable. As of this
version version 0.3.9 or greater of docutils is required
for using reStructuredText markup in Trac.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchtrac< 0.9.6UNKNOWN
FreeBSDanynoarchja-trac< 0.9.6UNKNOWN

Related

openvas 12
nessus 4
ubuntucve 2
cve 3
debiancve 3
gentoo 1
debian 4
osv 1
openvas
openvas
FreeBSD Ports: trac, ja-trac
2008-09-04 00:00:00
FreeBSD Ports: trac, ja-trac
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200601-12 (trac)
2008-09-24 00:00:00
nessus
nessus
FreeBSD : trac -- reStructuredText breach of privacy and denial of service vulnerability (b0d61f73-0e11-11db-a47b-000c2957fdf1)
2006-07-10 00:00:00
GLSA-200601-12 : Trac: XSS vulnerability
2006-01-29 00:00:00
Trac Ticket Query Module group Parameter SQL Injection
2005-12-02 00:00:00
ubuntucve
ubuntucve
CVE-2005-4305
2005-12-17 00:00:00
CVE-2005-4065
2005-12-07 00:00:00
cve
cve
CVE-2005-4305
2005-12-17 00:03:00
CVE-2005-3980
2005-12-04 11:03:00
CVE-2005-4065
2005-12-07 11:03:00
debiancve
debiancve
CVE-2005-4305
2005-12-17 00:03:00
CVE-2005-3980
2005-12-04 11:03:00
CVE-2005-4065
2005-12-07 11:03:00
gentoo
gentoo
Trac: Cross-site scripting vulnerability
2006-01-26 00:00:00
debian
debian
[SECURITY] [DSA 951-2] New trac packages fix SQL injection and cross-site scripting
2006-01-30 13:13:39
[SECURITY] [DSA 951-1] New trac packages fix SQL injection and cross-site scripting
2006-01-23 09:17:48
[SECURITY] [DSA 951-1] New trac packages fix SQL injection and cross-site scripting
2006-01-23 09:17:48
osv
osv
trac - missing input sanitising
2006-01-23 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.05 Low

EPSS

Percentile

92.8%

JSON
Related for B0D61F73-0E11-11DB-A47B-000C2957FDF1
openvas12nessus4ubuntucve2cve3debiancve3gentoo1debian4osv1