Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0866

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0866
Last Modified 05 Sep 2008 05:00:25
Published 23 Feb 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0866

Summary

PunBB 1.2.10 and earlier allows remote attackers to conduct brute force guessing attacks for an account's password, which may be as short as 4 characters.

Vulnerable Systems

Application

  • Punbb 1.0

  • Punbb 1.0 Alpha

  • Punbb 1.0 Beta1

  • Punbb 1.0 Beta1a

  • Punbb 1.0 Beta2

  • Punbb 1.0 Beta3

  • Punbb 1.0 Rc1

  • Punbb 1.0 Rc2

  • Punbb 1.0.1

  • Punbb 1.1

  • Punbb 1.1.1

  • Punbb 1.1.2

  • Punbb 1.1.3

  • Punbb 1.1.4

  • Punbb 1.1.5

  • Punbb 1.2

  • Punbb 1.2.1

  • Punbb 1.2.10

  • Punbb 1.2.2

  • Punbb 1.2.3

  • Punbb 1.2.4

  • Punbb 1.2.5

  • Punbb 1.2.6

  • Punbb 1.2.7

  • Punbb 1.2.8

  • Punbb 1.2.9


References

BUGTRAQ - 20060219 PunBB 1.2.10 Multiple DoS Vulnerabilities

MISC - http://www.neosecurityteam.net/advisories/Advisory-15.txt

XF - punbb-login-bruteforce(24838)


Last Updated: 27 May 2016 10:41:50