Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1718

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1718
Last Modified 07 Mar 2011 09:33:43
Published 11 Apr 2006 07:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1718

Summary

Magus Perde Clever Copy 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to view the database username and password via a direct request for connect.inc.

Vulnerable Systems

Application

  • Clever Copy 1.0.0

  • Clever Copy 1.0.1

  • Clever Copy 1.0.2

  • Clever Copy 1.0.3

  • Clever Copy 2.0

  • Clever Copy 2.0a

  • Clever Copy 23.0

  • Clever Copy 3.0


References

VUPEN - ADV-2006-1316

BID - 17461

BUGTRAQ - 20060407 [ECHO_ADV_28$2006] Clever Copy <= 3.0 Connect.inc Critical Information Disclosure

SECUNIA - 19579

MISC - http://advisories.echo.or.id/adv/adv28-K-159-2006.txt

XF - clevercopy-connect-disclose-information(25720)


Last Updated: 27 May 2016 10:42:10