CVE-2006-5950

Unspecified vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote authenticated users to obtain the installation path via unknown vectors related to the REN command, probably due to response messages. NOTE: the provenance of this information is unknown; details are obtained from third party sources.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/22874	Vendor Advisory
http://www.securityfocus.com/bid/21058	Vendor Advisory
http://www.vupen.com/english/advisories/2006/4518
https://exchange.xforce.ibmcloud.com/vulnerabilities/30281

Configurations

Configuration 1 (hide)

cpe:2.3:a:altools:alftp_ftp_server:4.1_beta1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-11-17 00:07

Updated : 2024-02-04 17:13

NVD link : CVE-2006-5950

Mitre link : CVE-2006-5950

CVE.ORG link : CVE-2006-5950

JSON object : View

Products Affected

altools

alftp_ftp_server

CWE

NVD-CWE-Other

{"id": "CVE-2006-5950", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-11-17T00:07:00.000", "references": [{"url": "http://secunia.com/advisories/22874", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/21058", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/4518", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30281", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote authenticated users to obtain the installation path via unknown vectors related to the REN command, probably due to response messages. NOTE: the provenance of this information is unknown; details are obtained from third party sources."}, {"lang": "es", "value": "Vulnerabilidad no especificada en ALTools ALFTP FTP Server 4.1 beta 1, y posiblemente anteriores, permite a un usuario validado obtener la ruta validada a trav\u00e9s de vectores desconocidos relacionados con el comando REN, probablemente debido a los mensajes de respuesta. NOTA: la procedencia de esta informaci\u00f3n es desconocida; los detalles han sido obtenidos a partir de la informaci\u00f3n de terceros. \r\n"}], "lastModified": "2017-07-20T01:34:06.120", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:altools:alftp_ftp_server:4.1_beta1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C42E866E-E855-4AB1-8C4B-E43D19E272E0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}