CVE-2006-6257

The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/23144
http://securityreason.com/securityalert/1965
http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt	Exploit Vendor Advisory
http://www.securityfocus.com/archive/1/452988/100/0/threaded
http://www.securityfocus.com/bid/21355	Exploit
http://www.vupen.com/english/advisories/2006/4851

Configurations

Configuration 1 (hide)

cpe:2.3:a:alternc:alternc:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-12-04 11:28

Updated : 2024-02-04 17:13

NVD link : CVE-2006-6257

Mitre link : CVE-2006-6257

CVE.ORG link : CVE-2006-6257

JSON object : View

Products Affected

alternc

alternc

CWE

NVD-CWE-Other

{"id": "CVE-2006-6257", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-12-04T11:28:00.000", "references": [{"url": "http://secunia.com/advisories/23144", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/1965", "source": "cve@mitre.org"}, {"url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/21355", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/4851", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message."}, {"lang": "es", "value": "El administrador de archivos en AlternC 0.9.5 y anteriores, cuando las advertencias (warnings) est\u00e1n habilitadas en PHP, permite a atacantes remotos obtener informaci\u00f3n sensible mediante determinados nombres de carpeta, tales como unos compuestos de c\u00f3digo JavaScript, lo cual revela la ruta en un mensaje de advertencia."}], "lastModified": "2018-10-17T21:47:28.440", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:alternc:alternc:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8FAF661-CBCD-4392-88C9-F1A7949A84E8", "versionEndIncluding": "0.9.5"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org", "evaluatorSolution": "Successful exploitation requires that warnings are enabled in PHP."}