CVE-2006-4954

The updateuser servlet in Neon WebMail for Java before 5.08 does not validate the in_id parameter, which allows remote attackers to modify information of arbitrary users, as demonstrated by modifying (1) passwords and (2) permissions, (3) viewing profile settings, and (4) creating and (5) deleting users.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/22029	Patch Vendor Advisory
http://vuln.sg/neonmail506-en.html	Exploit Patch
http://www.securityfocus.com/bid/20109	Exploit Patch
http://www.securityfocus.com/bid/84203
https://exchange.xforce.ibmcloud.com/vulnerabilities/29089

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:neosys:neon_webmail:5.06::java:::::
	cpe:2.3:a:neosys:neon_webmail:5.07::java:::::

History

No history.

Information

Published : 2006-09-23 10:07

Updated : 2024-02-04 17:13

NVD link : CVE-2006-4954

Mitre link : CVE-2006-4954

CVE.ORG link : CVE-2006-4954

JSON object : View

Products Affected

neosys

neon_webmail

CWE

NVD-CWE-Other

{"id": "CVE-2006-4954", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-09-23T10:07:00.000", "references": [{"url": "http://secunia.com/advisories/22029", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://vuln.sg/neonmail506-en.html", "tags": ["Exploit", "Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/20109", "tags": ["Exploit", "Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/84203", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29089", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The updateuser servlet in Neon WebMail for Java before 5.08 does not validate the in_id parameter, which allows remote attackers to modify information of arbitrary users, as demonstrated by modifying (1) passwords and (2) permissions, (3) viewing profile settings, and (4) creating and (5) deleting users."}, {"lang": "es", "value": "El servlet updateuser en Neon WebMail para Java anterior a 5.08 no valida el par\u00e1metro in_id, lo que permite a un atacante remoto modificar informaci\u00f3n de usuarios de su elecci\u00f3n, como se demuestra con la modificaci\u00f3n de (1) contrase\u00f1as y (2) permisos, (3)ajustado el perfil de visionado, y (4) creando y (5)elminando usuarios."}], "lastModified": "2017-07-20T01:33:24.913", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:neosys:neon_webmail:5.06:*:java:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11B4EF7A-0FBC-47B8-9655-987B9E176E1F"}, {"criteria": "cpe:2.3:a:neosys:neon_webmail:5.07:*:java:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9841D3E7-74B1-48A6-A840-D429C75921CD"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}