mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
184 lines
5.6 KiB
JSON
184 lines
5.6 KiB
JSON
{
|
|
"id": "CVE-2006-3274",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2006-06-28T22:05:00.000",
|
|
"lastModified": "2024-11-21T00:13:13.753",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Directory traversal vulnerability in Webmin before 1.280, when run on Windows, allows remote attackers to read arbitrary files via \\ (backslash) characters in the URL to certain directories under the web root, such as the image directory."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de salto de directorio en versiones de Webmin anteriores a la v1.280, cuando se ejecuta en Windows, permite a atacantes remotos leer ficheros arbitrarios a trav\u00e9s del car\u00e1cter \\ (barra invertida) en la URL a determinados directorios bajo la ra\u00edz Web, tales como el directorio de imagenes."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
|
"baseScore": 5.0,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "1.2.70",
|
|
"matchCriteriaId": "72A55881-A6A1-47F7-BEE5-E27981B2FE36"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:webmin:webmin:1.2.30:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CD941A62-A41E-41CB-80C0-8B780AC39FB1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:webmin:webmin:1.2.40:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "786287DD-2565-4931-BBA0-2CACD7671352"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:webmin:webmin:1.2.50:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4784DC04-D2C5-46C6-831F-23D69B4B0513"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:webmin:webmin:1.2.60:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9C219DAB-C13C-4232-8B98-2D7A9ED16E30"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://jvn.jp/jp/JVN%2367974490/index.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/20777",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://securityreason.com/securityalert/1161",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://securitytracker.com/id?1016375",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/88_e.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/438149/100/0/threaded",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/18613",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2006/2493",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.webmin.com/changes.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27366",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://jvn.jp/jp/JVN%2367974490/index.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/20777",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://securityreason.com/securityalert/1161",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://securitytracker.com/id?1016375",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/88_e.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/438149/100/0/threaded",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/18613",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2006/2493",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.webmin.com/changes.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27366",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
],
|
|
"evaluatorSolution": "Update to version 1.280."
|
|
} |