Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0439

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0439
Last Modified 07 Mar 2011 09:30:02
Published 26 Jan 2006 05:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0439

Summary

Text Rider 2.4 stores sensitive data in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by directly accessing data/userlist.txt.

Vulnerable Systems

Application

  • Text Rider 2.4


References

XF - textrider-data-information-disclosure(24279)

VUPEN - ADV-2006-0321

SECUNIA - 18605

MISC - http://evuln.com/vulns/46/summary.html

BUGTRAQ - 20060124 [eVuln] Text Rider Sensitive Information Disclosure

SECTRACK - 1015533


Last Updated: 27 May 2016 10:41:39