CVE-2006-4003

{"id": "CVE-2006-4003", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-08-07T19:04:00.000", "references": [{"url": "http://secunia.com/advisories/21317", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://sourceforge.net/project/shownotes.php?release_id=436594&group_id=128058", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/442036/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/19317", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/3139", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28204", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/21317", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://sourceforge.net/project/shownotes.php?release_id=436594&group_id=128058", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/442036/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/19317", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/3139", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28204", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The config method in Henrik Storner Hobbit monitor before 4.1.2p2 permits access to files outside of the intended configuration directory, which allows remote attackers to obtain sensitive information via requests to the hobbitd daemon on port 1984/tcp."}, {"lang": "es", "value": "El m\u00e9todo de configuraci\u00f3n en Henrik Storner Hobbit monitor anterior a 4.1.2p2 permite el acceso a ficheros fuera de la configuraci\u00f3n de directorios pretendida, lo cual permite a atacantes remotos obtener informaci\u00f3n sensible mediante peticiones al demonio hobbitd en el puerto 1984/tcp."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hobbit_monitor:hobbit_monitor:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C64D47F0-E8C9-4168-AD77-6A04309C198E", "versionEndIncluding": "4.1.2_p1"}, {"criteria": "cpe:2.3:a:hobbit_monitor:hobbit_monitor:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BFBF31E-CAD6-4B22-BCBB-AB89F1667210"}, {"criteria": "cpe:2.3:a:hobbit_monitor:hobbit_monitor:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A486537-FDB3-45D9-98AD-8410E3BA196D"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org", "evaluatorSolution": "This vulnerability is addressed in the following product release:\r\nHobbit Monitor, Hobbit Monitor, 4.1.2p2"}