Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2248

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-2248
Last Modified 07 Mar 2011 09:35:48
Published 09 May 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2248

Summary

Xeneo Web Server 2.2.22.0 allows remote attackers to obtain the source code of script files via crafted requests containing dot, space, and slash characters in the file extension.

Vulnerable Systems

Application

  • Northern Solutions Xeneo Web Server 2.2.22.0


References

VUPEN - ADV-2006-1682

BID - 17858

OSVDB - 25283

MISC - http://secunia.com/secunia_research/2006-20/advisory/

SECUNIA - 19325

XF - xeneo-script-source-disclosure(26294)


Last Updated: 27 May 2016 10:42:24