Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1437

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1437
Last Modified 05 Sep 2008 05:01:54
Published 15 Apr 2006 07:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1437

Summary

UPOINT @1 Event Publisher stores sensitive information under the web document root with insufifcient access control, which allows remote attackers to read private comments via a direct request to eventpublisher.txt.

Vulnerable Systems

Application

  • Upoint At1 Event Publisher 2003-12-18


References

OSVDB - 24237

MISC - http://osvdb.org/ref/24/24236-upoint.txt

BID - 17647

SECUNIA - 19727


Last Updated: 27 May 2016 10:42:02