Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1541

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2006-1541
Last Modified 07 Mar 2011 09:33:17
Published 30 Mar 2006 06:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1541

Summary

SQL injection vulnerability in Default.asp in EzASPSite 2.0 RC3 and earlier allows remote attackers to execute arbitrary SQL commands and obtain the SHA1 hash of the admin password via the Scheme parameter.

Vulnerable Systems

Application

  • Ezaspsite 2.0 Rc3


References

VUPEN - ADV-2006-1164

MISC - http://www.nukedx.com/?viewdoc=22

MILW0RM - 1623

XF - ezaspsite-default-sql-injection(25544)

BID - 17309

BUGTRAQ - 20060329 EzASPSite <= 2.0 RC3 Remote SQL Injection Exploit Vulnerability.

OSVDB - 24256

SECUNIA - 19441


Last Updated: 27 May 2016 10:42:06