Lucene search
HistoryDec 15, 2006 - 10:28 p.m.
CVE-2006-6598
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.1
Confidence
Low
EPSS
0.003
Percentile
68.6%
Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via … (dot dot) sequences in the path parameter, a different vector than CVE-2006-6328.
Affected configurations
Node
torrentfluxtorrentfluxRange≤2.2
ORtorrentfluxtorrentflux-b4rtRange≤2.1_b4rt971
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt3
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt4
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt5
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt6
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt7
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt8
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt9
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt61
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt81
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt82
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt83
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt84
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt85
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt91
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt92
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt93
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt94
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt95
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt96
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt97
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt801
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt802
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt951
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt952
ORtorrentfluxtorrentflux-b4rtMatch2.1_b4rt953
| Vendor | Product | Version | CPE |
|---|---|---|---|
| torrentflux | torrentflux | * | cpe:2.3:a:torrentflux:torrentflux:*:*:*:*:*:*:*:* |
| torrentflux | torrentflux-b4rt | * | cpe:2.3:a:torrentflux:torrentflux-b4rt:*:*:*:*:*:*:*:* |
| torrentflux | torrentflux-b4rt | 2.1_b4rt3 | cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt3:*:*:*:*:*:*:* |
| torrentflux | torrentflux-b4rt | 2.1_b4rt4 | cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt4:*:*:*:*:*:*:* |
| torrentflux | torrentflux-b4rt | 2.1_b4rt5 | cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt5:*:*:*:*:*:*:* |
| torrentflux | torrentflux-b4rt | 2.1_b4rt6 | cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt6:*:*:*:*:*:*:* |
| torrentflux | torrentflux-b4rt | 2.1_b4rt7 | cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt7:*:*:*:*:*:*:* |
| torrentflux | torrentflux-b4rt | 2.1_b4rt8 | cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt8:*:*:*:*:*:*:* |
| torrentflux | torrentflux-b4rt | 2.1_b4rt9 | cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt9:*:*:*:*:*:*:* |
| torrentflux | torrentflux-b4rt | 2.1_b4rt61 | cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt61:*:*:*:*:*:*:* |
Related
ubuntucve
ubuntucve
cve
cve
cvelist
cvelist
nvd
nvd
CVE-2006-6328
2006-12-06 21:28:00
CVE-2006-6604
2006-12-15 22:28:00
exploitdb
exploitdb
TorrentFlux 2.2 - 'downloaddetails.php' Local File Disclosure
2006-12-09 00:00:00
torrentflux 2.2 - Arbitrary File Create/ Execute/Delete
2006-11-15 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.1
Confidence
Low
EPSS
0.003
Percentile
68.6%
Related for NVD:CVE-2006-6598