Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2096

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-2096
Last Modified 05 Sep 2008 05:03:39
Published 29 Apr 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2096

Summary

plug.php in Land Down Under (LDU) 802 and earlier allows remote attackers to obtain sensitive information via an invalid (1) month or (2) year parameter, which reveals the path in an error message.

Vulnerable Systems

Application

  • Neocrome Land Down Under 601

  • Neocrome Land Down Under 602

  • Neocrome Land Down Under 700.01

  • Neocrome Land Down Under 700.02

  • Neocrome Land Down Under 700.03

  • Neocrome Land Down Under 700.04

  • Neocrome Land Down Under 700.05

  • Neocrome Land Down Under 701

  • Neocrome Land Down Under 800

  • Neocrome Land Down Under 801

  • Neocrome Land Down Under 802


References

BUGTRAQ - 20060427 Land Down Under 802 and below version Path Disclosure Vulnerability

XF - landdownunder-monthyear-path-disclosure(26143)

SREASON - 814


Last Updated: 27 May 2016 10:42:20