CVE-2006-5981

{"id": "CVE-2006-5981", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-11-20T21:07:00.000", "references": [{"url": "http://secunia.com/advisories/22928", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://whitestar.linuxbox.org/pipermail/exploits/2006-November/000037.html", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/30448", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/4540", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30332", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/22928", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://whitestar.linuxbox.org/pipermail/exploits/2006-November/000037.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/30448", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/4540", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30332", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in SeleniumServer FTP Server 1.0, and possibly earlier, allow remote attackers to list arbitrary directories, read arbitrary files, and upload arbitrary files via directory traversal sequences in the (1) DIR (LIST or NLST), (2) GET (RETR), and (3) PUT (STOR) commands."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de salto de directorio en Selenium Server 1.0, y posiblemente anteriores, permiten a atacantes remotos listar directorios de su elecci\u00f3n, leer archivos de su elecci\u00f3n, y enviar archivos de su elecci\u00f3n mediante secuencias de salto de directorio en los comandos (1) DIR (LIST o NLST), (2) GET (RETR), y (3) PUT (STOR)."}], "lastModified": "2024-11-21T00:21:21.683", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:biba_software:seleniumserver_ftp_server:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E79A0B4-2C29-4AF1-902E-B431F1E10348"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}