Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1764

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2006-1764
Last Modified 07 Mar 2011 09:33:50
Published 12 Apr 2006 09:06:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1764

Summary

Hosting Controller 6.1 stores forum/db/forum.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as user name and password credentials. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Vulnerable Systems

Application

  • Hosting Controller 1.1

  • Hosting Controller 1.3

  • Hosting Controller 1.4

  • Hosting Controller 1.4.1

  • Hosting Controller 1.4b

  • Hosting Controller 2002

  • Hosting Controller 2002 Rc 1

  • Hosting Controller 6.1

  • Hosting Controller 6.1 Hotfix 1.4

  • Hosting Controller 6.1 Hotfix 1.7

  • Hosting Controller 6.1 Hotfix 1.9

  • Hosting Controller 6.1 Hotfix 2.0

  • Hosting Controller 6.1 Hotfix 2.1

  • Hosting Controller 6.1 Hotfix 2.3

  • Hosting Controller 6.1 Hotfix 2.8

  • Hosting Controller 6.1 Hotfix 2.9


References

VUPEN - ADV-2006-1268

OSVDB - 24447

SECUNIA - 19569


Last Updated: 27 May 2016 10:42:10