CVE-2006-6598

{"id": "CVE-2006-6598", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-12-15T22:28:00.000", "references": [{"url": "http://secunia.com/advisories/23402", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://tf-b4rt.berlios.de/changelog-torrentflux_2.1-b4rt.txt", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/21613", "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/2902", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/23402", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://tf-b4rt.berlios.de/changelog-torrentflux_2.1-b4rt.txt", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/21613", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/2902", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the path parameter, a different vector than CVE-2006-6328."}, {"lang": "es", "value": "Vulnerabildiad de salto de directorio en viewnfo.php en (1) TorrentFlux anterior a 2.2 y (2) torrentflux-b4rt anterior 2.1-b4rt-972 permite a usuarios validados leer archivos de su elecci\u00f3n a trav\u00e9s de la secuencia .. (punto punto) en el par\u00e1metro path, un vector diferente que CVE-2006-6328."}], "lastModified": "2024-11-21T00:23:05.450", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:torrentflux:torrentflux:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC738E38-4158-4E63-929D-6CC971FAD24A", "versionEndIncluding": "2.2"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2526D31B-D081-4C35-9D98-26DD3DCBBB5D", "versionEndIncluding": "2.1_b4rt971"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "430F26F5-9C15-45A6-8FE2-3DE2D5676F3F"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40FE6027-3BBB-417A-BB59-8F344C79F35D"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "113272FC-6E2C-4C65-BF14-3A9478B8EE5C"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCC7B523-93AF-44A3-A6DB-6044049E221C"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84FD3104-2104-48AF-A246-E576CB691C4E"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7ECD29D9-93E0-479A-B755-B9D3EF203885"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E32CFEA-5023-46BB-B64B-3C3BB43BA232"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt61:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F44E2F6-1839-4AA2-9927-A8D27B08DB81"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt81:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61B4C1FB-BBD4-4C52-8FE2-8F4AE31DC749"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt82:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4542049A-1D9D-4FBC-8B2B-541FDAB057F8"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt83:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17E18EF1-A50A-4788-91CE-1F788CB5BA77"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt84:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48C05143-0B64-4221-B118-A76DC859BD12"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt85:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "402B5C5A-FC57-4EE0-872D-4F4A12A283E1"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt91:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D59C1106-AA83-45AE-B9DD-5A50647562DC"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt92:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47AC093F-EF43-4CC9-A6F0-F127E58CAA8F"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt93:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "976E5481-8D4E-4DC4-AC04-CB71F2729C49"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt94:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92DB5D17-30FD-44FD-9BF6-ADEB77665537"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt95:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A212E631-FAE5-4FC4-9396-EDA4F63A129A"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt96:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1359647-6E65-4EC4-9754-35CAC1700C68"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt97:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7E42B11-55B0-4302-95D7-54D9E17936BF"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt801:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3272FCC8-CCDC-4864-851D-78B776B8C66A"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt802:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0A5E5F0-1C8D-4CBE-AF51-E9784CE9AF05"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt951:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF63B674-0D31-4003-B79B-87F2B891B6C1"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt952:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADC9FAD6-BF60-4DE1-A045-86D8689EE281"}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt953:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D4A2D82-46E9-4884-BD81-AF33702EEF7A"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}