Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2901

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-2901
Last Modified 07 Mar 2011 09:37:16
Published 07 Jun 2006 05:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2901

Summary

The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration information including passwords.

Vulnerable Systems


References

BID - 18299

BUGTRAQ - 20060607 ADVISORY - D-Link Wireless Access-Point

MISC - http://www.intruders.com.br/adv0206en.html

VUPEN - ADV-2006-2186

SECUNIA - 20474

XF - dlink-config-file-access(26973)

BUGTRAQ - 20080301 The Router Hacking Challenge is Over!

MISC - http://www.gnucitizen.org/projects/router-hacking-challenge/

SECTRACK - 1016234

SREASON - 1064

MISC - http://www.intruders.org.br/adv0206en.html


Last Updated: 27 May 2016 10:42:35