CVE-2006-3831

{"id": "CVE-2006-3831", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-07-25T13:22:00.000", "references": [{"url": "http://secunia.com/advisories/21066", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/1271", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1016515", "source": "cve@mitre.org"}, {"url": "http://www.acid-root.new.fr/advisories/boastmachine.txt", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/440306/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/21066", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/1271", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1016515", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.acid-root.new.fr/advisories/boastmachine.txt", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/440306/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The Backup selection in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier uses predicable filenames for database backups and stores the files under the web root with insufficient access control, which allows remote attackers to obtain sensitive information by downloading a backup file."}, {"lang": "es", "value": "La selecci\u00f3n de backup en Kailash Nadh boastMachine (formalmente bMachine) 3.1 y anteriores utiliza nombres de archivo predecibles para backups de bases de datos y almancena nombres de archivo bajo la raiz web con insuficientes controles de acceso, lo caul permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de la descarga del fichero de backup."}], "lastModified": "2024-11-21T00:14:31.790", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:kailash_nadh:boastmachine:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E07E0861-8D6F-4771-8260-E6490570B0C7", "versionEndIncluding": "3.1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}