Lucene search
Ubuntu.comUB:CVE-2006-6104HistoryDec 21, 2006 - 12:00 a.m.
CVE-2006-6104
2006-12-2100:00:00
ubuntu.com
ubuntu.com
14
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.08 Low
EPSS
Percentile
94.3%
The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono
does not properly verify local pathnames, which allows remote attackers to
(1) read source code by appending a space (%20) to a URI, and (2) read
credentials via a request for Web.Config%20.
Related
suse
suse
remote source code disclosure in mono-web
2007-01-04 18:49:55
nessus
nessus
Mandrake Linux Security Advisory : mono (MDKSA-2006:234)
2007-02-18 00:00:00
Fedora Core 6 : mono-1.1.17.1-4.fc6 (2007-067)
2007-01-17 00:00:00
Ubuntu 6.06 LTS / 6.10 : mono vulnerability (USN-397-1)
2007-11-10 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200701-12 (mono)
2008-09-24 00:00:00
SuSE Update for mono-web SUSE-SA:2007:002
2009-01-28 00:00:00
Ubuntu: Security Advisory (USN-397-1)
2022-08-26 00:00:00
nvd
nvd
CVE-2006-6104
2006-12-21 19:28:00
cve
cve
CVE-2006-6104
2006-12-21 19:28:00
cvelist
cvelist
CVE-2006-6104
2006-12-21 19:00:00
gentoo
gentoo
Mono: Information disclosure
2007-01-16 00:00:00
ubuntu
ubuntu
mono vulnerability
2006-12-20 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: mono-1.1.17.1-4.fc6
2007-01-12 19:43:05
[SECURITY] Fedora Core 5 Update: mono-1.1.13.7-3.fc5.1
2007-01-12 19:43:55
debiancve
debiancve
CVE-2006-6104
2006-12-21 19:28:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.08 Low
EPSS
Percentile
94.3%
Related for UB:CVE-2006-6104