Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3483

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-3483
Last Modified 05 Sep 2008 05:07:16
Published 10 Jul 2006 04:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3483

Summary

PHPMailList 1.8.0 stores sensitive information under the web document root iwth insufficient access control, which allows remote attackers to obtain email addresses of subscribers, configuration information, and the admin username and password via direct requests to (1) list.dat or (2) ml_config.dat.

Vulnerable Systems

Application

  • Phpmaillist 1.8


References

OSVDB - 27018

SECTRACK - 1016439

MISC - http://lostmon.blogspot.com/2006/07/multiple-vulnerabilities-in.html

OSVDB - 27017


Last Updated: 27 May 2016 10:43:02