Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 5.0
CVE Id: CVE-2006-1201
Last Modified: 07 Mar 2011 09:32:21
Published: 13 Mar 2006 08:06:00
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

Summary

Directory traversal vulnerability in resetpw.php in eschew.net phpBannerExchange 2.0 and earlier, and other versions before 2.0 Update 5, allows remote attackers to read arbitrary files via a .. (dot dot) in the email parameter during a "Recover password" operation (recoverpw.php).

Vulnerable Systems

Application

  • Eschew.net phpBannerExchange 2.0
  • Eschew.net phpBannerExchange 2.0 Update 1
  • Eschew.net phpBannerExchange 2.0 Update 2
  • Eschew.net phpBannerExchange 2.0 Update 3
  • Eschew.net phpBannerExchange 2.0 Update 4

References

XF - phpbannerexchange-recoverpw-dir-traversal(25080)

XF - phpbannerexchange-resetpw-dir-traversal(25071)

VUPEN - ADV-2006-0869

BID - 16996

BUGTRAQ - 20060307 phpBannerExchange 2.0 Directory Traversal Vulnerability

OSVDB - 23720

MISC - http://www.h4cky0u.org/advisories/HYSA-2006-004-phpbanner.txt

CONFIRM - http://www.eschew.net/scripts/phpbe/2.0/releasenotes.php

SECUNIA - 19127


Last Updated: 27 May 2016 10:41:58