Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0686

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2006-0686
Last Modified 07 Mar 2011 09:30:36
Published 14 Feb 2006 07:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0686

Summary

add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privileges when adding a new administrative user, which allows remote attackers to gain unauthorized access.

Vulnerable Systems

Application

  • Virtual Hosting Control System 2.4.7.1


References

SECUNIA - 18799

VUPEN - ADV-2006-0534

BID - 16600

BUGTRAQ - 20060211 RS-2006-1: Multiple flaws in VHCS 2.x

MISC - http://www.rs-labs.com/adv/RS-Labs-Advisory-2006-1.txt

XF - vhcs-adduser-privilege-escalation(24667)

SREASON - 430


Last Updated: 27 May 2016 10:41:46