mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
242 lines
8.3 KiB
JSON
242 lines
8.3 KiB
JSON
{
|
|
"id": "CVE-2006-0705",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2006-02-15T11:06:00.000",
|
|
"lastModified": "2017-07-20T01:29:59.800",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Format string vulnerability in a logging function as used by various SFTP servers, including (1) AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, (2) Reflection for Secure IT Windows Server before 6.0 build 38, (3) F-Secure SSH Server for Windows before 5.3 build 35, (4) F-Secure SSH Server for UNIX 3.0 through 5.0.8, (5) SSH Tectia Server 4.3.6 and earlier and 4.4.0, and (6) SSH Shell Server 3.2.9 and earlier, allows remote authenticated users to execute arbitrary commands via unspecified vectors, involving crafted filenames and the stat command."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "SINGLE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 6.5
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-134"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:attachmatewrq:reflection_for_secure_it_server:6.0:*:unix:*:*:*:*:*",
|
|
"matchCriteriaId": "9D773D86-26DA-4483-A16E-005232B9DF18"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:attachmatewrq:reflection_for_secure_it_server:6.0:*:win:*:*:*:*:*",
|
|
"matchCriteriaId": "007F8B68-5E11-4FC8-9D18-719DF0A1F904"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "828E1D3E-C888-4E28-8676-E1D6298BD339"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0D379AB4-74F4-4E03-967B-57F34697941F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.1:*:unix:*:*:*:*:*",
|
|
"matchCriteriaId": "37D85A8A-3A63-45D2-A8FF-8C7E418232FD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E965836B-EA89-4BA9-8D4A-562F8C6C3632"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0FE6E187-92F4-4940-BCB2-D5666D8776D9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AC639035-D459-4964-AE75-478BC6CD0AFA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7CB5E609-2C26-4A02-A7C9-2C4648595321"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "72EB2B8C-9A8E-4132-B063-C68F85C337FC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "99906561-4B53-4761-BE99-9A061E088EAD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "37F8096D-CAAA-4C97-A6D7-4417E687536C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8F92DCFF-1403-44D5-9ED3-EA6EB3B4E9E3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "808266FA-E939-4975-A0A3-280E7244C528"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.1.0:*:unix:*:*:*:*:*",
|
|
"matchCriteriaId": "609AAA1C-8C26-4337-B34F-0DB51450FEC5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.1.0_build9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "671E1719-E51E-442A-ADCA-2FB1998D1D94"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.2.0:*:unix:*:*:*:*:*",
|
|
"matchCriteriaId": "ECCBEC85-7431-413A-9CCE-0209E255847D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.2.3:*:unix:*:*:*:*:*",
|
|
"matchCriteriaId": "A554C5FE-DBB1-40FD-BF11-9857B48CF409"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:5.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A9396490-9409-461D-8102-3243EDB80434"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:5.1:*:win:*:*:*:*:*",
|
|
"matchCriteriaId": "96F807C2-CF24-4686-BC45-C43A767A180D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:5.2:*:win:*:*:*:*:*",
|
|
"matchCriteriaId": "39842C81-82F2-40A4-9271-5CFC75F6F51E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:5.3:*:win:*:*:*:*:*",
|
|
"matchCriteriaId": "CF12909D-0AFA-40B5-A38C-CC9A1DC1F20C"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://marc.info/?l=bugtraq&m=120654385125315&w=2",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://security.gentoo.org/glsa/glsa-200703-13.xml",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://securitytracker.com/id?1015619",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://support.wrq.com/techdocs/1882.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.kb.cert.org/vuls/id/419241",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"US Government Resource"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/16625",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/16640",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2006/0554",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2006/0555",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2008/1008/references",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24651",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |