CVE-2006-0705

{"id": "CVE-2006-0705", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-02-15T11:06:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=120654385125315&w=2", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=120654385125315&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/18828", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/18843", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24516", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/29552", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://security.gentoo.org/glsa/glsa-200703-13.xml", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1015619", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://support.wrq.com/techdocs/1882.html", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/419241", "tags": ["Patch", "US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/16625", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/16640", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/0554", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/0555", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/1008/references", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24651", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=120654385125315&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=120654385125315&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/18828", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/18843", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/24516", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/29552", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://security.gentoo.org/glsa/glsa-200703-13.xml", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1015619", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://support.wrq.com/techdocs/1882.html", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/419241", "tags": ["Patch", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/16625", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/16640", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/0554", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/0555", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2008/1008/references", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24651", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-134"}]}], "descriptions": [{"lang": "en", "value": "Format string vulnerability in a logging function as used by various SFTP servers, including (1) AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, (2) Reflection for Secure IT Windows Server before 6.0 build 38, (3) F-Secure SSH Server for Windows before 5.3 build 35, (4) F-Secure SSH Server for UNIX 3.0 through 5.0.8, (5) SSH Tectia Server 4.3.6 and earlier and 4.4.0, and (6) SSH Shell Server 3.2.9 and earlier, allows remote authenticated users to execute arbitrary commands via unspecified vectors, involving crafted filenames and the stat command."}], "lastModified": "2024-11-21T00:07:08.727", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:attachmatewrq:reflection_for_secure_it_server:6.0:*:unix:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D773D86-26DA-4483-A16E-005232B9DF18"}, {"criteria": "cpe:2.3:a:attachmatewrq:reflection_for_secure_it_server:6.0:*:win:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "007F8B68-5E11-4FC8-9D18-719DF0A1F904"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "828E1D3E-C888-4E28-8676-E1D6298BD339"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D379AB4-74F4-4E03-967B-57F34697941F"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.1:*:unix:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37D85A8A-3A63-45D2-A8FF-8C7E418232FD"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E965836B-EA89-4BA9-8D4A-562F8C6C3632"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FE6E187-92F4-4940-BCB2-D5666D8776D9"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC639035-D459-4964-AE75-478BC6CD0AFA"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CB5E609-2C26-4A02-A7C9-2C4648595321"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72EB2B8C-9A8E-4132-B063-C68F85C337FC"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99906561-4B53-4761-BE99-9A061E088EAD"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37F8096D-CAAA-4C97-A6D7-4417E687536C"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F92DCFF-1403-44D5-9ED3-EA6EB3B4E9E3"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "808266FA-E939-4975-A0A3-280E7244C528"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.1.0:*:unix:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "609AAA1C-8C26-4337-B34F-0DB51450FEC5"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.1.0_build9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "671E1719-E51E-442A-ADCA-2FB1998D1D94"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.2.0:*:unix:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECCBEC85-7431-413A-9CCE-0209E255847D"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:3.2.3:*:unix:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A554C5FE-DBB1-40FD-BF11-9857B48CF409"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9396490-9409-461D-8102-3243EDB80434"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:5.1:*:win:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96F807C2-CF24-4686-BC45-C43A767A180D"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:5.2:*:win:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39842C81-82F2-40A4-9271-5CFC75F6F51E"}, {"criteria": "cpe:2.3:a:f-secure:f-secure_ssh_server:5.3:*:win:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF12909D-0AFA-40B5-A38C-CC9A1DC1F20C"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}