Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0685

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2006-0685
Last Modified 07 Mar 2011 09:30:36
Published 14 Feb 2006 07:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0685

Summary

The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when authentication fails, which allows remote attackers to gain unauthorized access.

Vulnerable Systems

Application

  • Virtual Hosting Control System 2.4.7.1


References

SECUNIA - 18799

VUPEN - ADV-2006-0534

BID - 16600

BUGTRAQ - 20060211 RS-2006-1: Multiple flaws in VHCS 2.x

MISC - http://www.rs-labs.com/adv/RS-Labs-Advisory-2006-1.txt

XF - vhcs-checklogin-auth-bypass(24666)


Last Updated: 27 May 2016 10:41:46