Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1505

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1505
Last Modified 07 Mar 2011 09:33:13
Published 29 Mar 2006 08:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1505

Summary

base_maintenance.php in Basic Analysis and Security Engine (BASE) before 1.2.4 (melissa), when running in standalone mode, allows remote attackers to bypass authentication, possibly by setting the standalone parameter to "yes".

Vulnerable Systems

Application

  • Basic Analysis And Security Engine Base 1.1 Elizabeth

  • Basic Analysis And Security Engine Base 1.1.2 Zora

  • Basic Analysis And Security Engine Base 1.1.3 Lynn

  • Basic Analysis And Security Engine Base 1.1.4 Cheryl

  • Basic Analysis And Security Engine Base 1.2 Betty

  • Basic Analysis And Security Engine Base 1.2.1 Kris

  • Basic Analysis And Security Engine Base 1.2.2 Cindy


References

OSVDB - 24101

VUPEN - ADV-2006-1192

CONFIRM - http://cvs.sourceforge.net/viewcvs.py/secureideas/base-php4/docs/CHANGELOG?rev=1.233&view=markup

BID - 17354

SECUNIA - 19510


Last Updated: 27 May 2016 10:42:06