CVE-2006-3796

{"id": "CVE-2006-3796", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-07-24T12:19:00.000", "references": [{"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047989.html", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/1254", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/440435/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/19052", "source": "cve@mitre.org"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047989.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/1254", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/440435/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/19052", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "DeluxeBB 1.07 and earlier does not properly handle a username composed of a single space character, which allows remote authenticated users to login as the \"space\" user, post as the guest user, and block the ability of an administrator to ban the \"space\" user."}, {"lang": "es", "value": "DeluxeBB 1.07 y anteriores no maneja adecuadamente un nombre de usuario compuesto por un solo car\u00e1cter de espacio, lo cual permite a usuarios autenticados remotamente acceder al sistema como el usuario \"espacio\", enviar mensajes como el usuario invitado, y bloquear la capacidad de un administrador de expulsar al usuario \"espacio\"."}], "lastModified": "2024-11-21T00:14:26.763", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:deluxebb:deluxebb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AEFACE5-6714-4ACF-B8D9-6F8EF554C236", "versionEndIncluding": "1.07"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}