Lucene search

[email protected]NVD:CVE-2006-6933

HistoryJan 16, 2007 - 11:28 p.m.

CVE-2006-6933

2007-01-1623:28:00

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.005

Percentile

76.3%

JSON

Easy Chat Server 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download certain files via direct requests to files such as (1) ServerKey.pem and (2) AcceptIP.txt. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

Nvd

Node

efs_softwareeasy_chat_serverMatch2.1

VendorProductVersionCPE
efs_softwareeasy_chat_server2.1cpe:2.3:a:efs_software:easy_chat_server:2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
efs_software	easy_chat_server	2.1	cpe:2.3:a:efs_software:easy_chat_server:2.1:::::::*

References

secunia.com/advisories/22739

exchange.xforce.ibmcloud.com/vulnerabilities/30075

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.005

Percentile

76.3%

JSON

Related for NVD:CVE-2006-6933

cve1 cvelist1