CVE-2006-3426

Directory traversal vulnerability in (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (b) Novell ZENworks 6.2 SR1 and earlier allows remote attackers to overwrite arbitrary files and directories via a .. (dot dot) sequence in the (1) action, (2) agentid, or (3) index parameters to dagent/nwupload.asp, which are used as pathname components.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047495.html
http://secunia.com/advisories/20876	Vendor Advisory
http://secunia.com/advisories/20878	Vendor Advisory
http://securityreason.com/securityalert/1200
http://securitytracker.com/id?1016405
http://www.securityfocus.com/archive/1/438710/100/0/threaded
http://www.securityfocus.com/bid/18732
http://www.vupen.com/english/advisories/2006/2595
http://www.vupen.com/english/advisories/2006/2596
http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047495.html
http://secunia.com/advisories/20876	Vendor Advisory
http://secunia.com/advisories/20878	Vendor Advisory
http://securityreason.com/securityalert/1200
http://securitytracker.com/id?1016405
http://www.securityfocus.com/archive/1/438710/100/0/threaded
http://www.securityfocus.com/bid/18732
http://www.vupen.com/english/advisories/2006/2595
http://www.vupen.com/english/advisories/2006/2596

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:lumension:patchlink_update_server:6.1:::::::*
	cpe:2.3:a:lumension:patchlink_update_server:6.2.0.181:::::::*
	cpe:2.3:a:lumension:patchlink_update_server:6.2.0.189:::::::*
	cpe:2.3:a:novell:zenworks::sr1::::::*

History

21 Nov 2024, 00:13

Type	Values Removed	Values Added
References	~~() http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047495.html -~~	() http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047495.html -
References	~~() http://secunia.com/advisories/20876 - Vendor Advisory~~	() http://secunia.com/advisories/20876 - Vendor Advisory
References	~~() http://secunia.com/advisories/20878 - Vendor Advisory~~	() http://secunia.com/advisories/20878 - Vendor Advisory
References	~~() http://securityreason.com/securityalert/1200 -~~	() http://securityreason.com/securityalert/1200 -
References	~~() http://securitytracker.com/id?1016405 -~~	() http://securitytracker.com/id?1016405 -
References	~~() http://www.securityfocus.com/archive/1/438710/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/438710/100/0/threaded -
References	~~() http://www.securityfocus.com/bid/18732 -~~	() http://www.securityfocus.com/bid/18732 -
References	~~() http://www.vupen.com/english/advisories/2006/2595 -~~	() http://www.vupen.com/english/advisories/2006/2595 -
References	~~() http://www.vupen.com/english/advisories/2006/2596 -~~	() http://www.vupen.com/english/advisories/2006/2596 -

Information

Published : 2006-07-07 00:05

Updated : 2024-11-21 00:13

NVD link : CVE-2006-3426

Mitre link : CVE-2006-3426

CVE.ORG link : CVE-2006-3426

JSON object : View

Products Affected

novell

zenworks

lumension

patchlink_update_server

CWE

NVD-CWE-Other

{"id": "CVE-2006-3426", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-07-07T00:05:00.000", "references": [{"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047495.html", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/20876", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/20878", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/1200", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1016405", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/438710/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/18732", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/2595", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/2596", "source": "cve@mitre.org"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047495.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/20876", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/20878", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/1200", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1016405", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/438710/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/18732", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/2595", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/2596", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (b) Novell ZENworks 6.2 SR1 and earlier allows remote attackers to overwrite arbitrary files and directories via a .. (dot dot) sequence in the (1) action, (2) agentid, or (3) index parameters to dagent/nwupload.asp, which are used as pathname components."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en (a) PatchLink Update Server (PLUS) anterior a v6.1 P1 y v6.2.x enterior a v6.2 SR1 P1 y (b) Novell ZENworks 6.2 SR1 y anteriores, permite a atacantes remotos sobreescribir ficheros de su elecci\u00f3n a trav\u00e9s de una secuencia ..(punto punto) en los par\u00e1metros (1) action, (2) agentid, or (3) index al dagent/nwupload.asp, que es usado como el componente de nombre de ruta."}], "lastModified": "2024-11-21T00:13:36.140", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:lumension:patchlink_update_server:6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "188E8F59-0F22-4C43-8B16-CC5637BF6AFB"}, {"criteria": "cpe:2.3:a:lumension:patchlink_update_server:6.2.0.181:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7704C648-6295-4145-BD2C-77E62DF55196"}, {"criteria": "cpe:2.3:a:lumension:patchlink_update_server:6.2.0.189:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8171827-A661-4492-BD53-8DEB2F3759A7"}, {"criteria": "cpe:2.3:a:novell:zenworks:*:sr1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B1706D5-7465-48C0-8C96-C6798A73B35F", "versionEndIncluding": "6.2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

5.0 /10