Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3147

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2006-3147
Last Modified 07 Mar 2011 09:37:57
Published 22 Jun 2006 06:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2006-3147

Summary

Unspecified vulnerability in Hosting Controller before 6.1 (aka Hotfix 3.2) allows remote authenticated attackers to gain host admin privileges, list all resellers, or change resellers' passwords via unspecified vectors. NOTE: due to the lack of precise details, it is not clear whether this is related to a previously disclosed issue such as CVE-2005-1788.

Vulnerable Systems

Application

  • Hosting Controller 6.1

  • Hosting Controller 6.1 Hotfix 1.4

  • Hosting Controller 6.1 Hotfix 1.7

  • Hosting Controller 6.1 Hotfix 1.9

  • Hosting Controller 6.1 Hotfix 2.0

  • Hosting Controller 6.1 Hotfix 2.1

  • Hosting Controller 6.1 Hotfix 2.3

  • Hosting Controller 6.1 Hotfix 2.8

  • Hosting Controller 6.1 Hotfix 2.9


References

SECUNIA - 20743

CONFIRM - http://hostingcontroller.com/english/logs/hotfixlogv61_3_2.html

XF - hosting-controller-admin-gain-privileges(27340)

VUPEN - ADV-2006-2459

BID - 18565

OSVDB - 26693

SECTRACK - 1016444


Last Updated: 27 May 2016 10:42:54