5

CVE-2006-4140

Exploit

EPSS 10.88%
Veröffentlicht 14.08.2006 23:04:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Directory traversal vulnerability in IPCheck Server Monitor before 5.3.3.639/640 allows remote attackers to read arbitrary files via modified .. (dot dot) sequences in the URL, including (1) "..%2f" (encoded "/" slash), "..../" (multiple dot), and "..%255c../" (double-encoded "\" backslash).

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ipcheck ≫ Server Monitor Version4.3.1.368

Ipcheck ≫ Server Monitor Version4.3.1.382

Ipcheck ≫ Server Monitor Version4.4.1.521

Ipcheck ≫ Server Monitor Version4.4.1.522

Ipcheck ≫ Server Monitor Version5.0.1.272

Ipcheck ≫ Server Monitor Version5.0.1.299

Ipcheck ≫ Server Monitor Version5.0.1.309

Ipcheck ≫ Server Monitor Version5.0.1.321

Ipcheck ≫ Server Monitor Version5.1.0.341

Ipcheck ≫ Server Monitor Version5.1.0.342

Ipcheck ≫ Server Monitor Version5.1.0.345

Ipcheck ≫ Server Monitor Version5.2.0.404

Ipcheck ≫ Server Monitor Version5.2.0.405

Ipcheck ≫ Server Monitor Version5.2.0.418

Ipcheck ≫ Server Monitor Version5.2.0.420

Ipcheck ≫ Server Monitor Version5.2.2.449

Ipcheck ≫ Server Monitor Version5.2.2.451

Ipcheck ≫ Server Monitor Version5.3.0.506

Ipcheck ≫ Server Monitor Version5.3.0.507

Ipcheck ≫ Server Monitor Version5.3.0.508

Ipcheck ≫ Server Monitor Version5.3.0.509

Ipcheck ≫ Server Monitor Version5.3.1.574

Ipcheck ≫ Server Monitor Version5.3.1.575

Ipcheck ≫ Server Monitor Version5.3.1.578

Ipcheck ≫ Server Monitor Version5.3.1.579

Ipcheck ≫ Server Monitor Version5.3.1.580

Ipcheck ≫ Server Monitor Version5.3.1.581

Ipcheck ≫ Server Monitor Version5.3.1.586

Ipcheck ≫ Server Monitor Version5.3.1.587

Ipcheck ≫ Server Monitor Version5.3.2.605

Ipcheck ≫ Server Monitor Version5.3.2.606

Ipcheck ≫ Server Monitor Version5.3.2.609

Ipcheck ≫ Server Monitor Version5.3.2.610

Ipcheck ≫ Server Monitor Version5.3.2.616

Ipcheck ≫ Server Monitor Version5.3.2.617

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	10.88%	0.932

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://secunia.com/advisories/21468

Vendor Advisory

Exploit

http://securityreason.com/securityalert/1389

http://securitytracker.com/id?1016676

Exploit

http://www.paessler.com/forum/viewtopic.php?p=4047&sid=f8c0f03a69d9498338797c6ea3cc6733

http://www.paessler.com/ipcheck/history

http://www.securityfocus.com/archive/1/442822/100/0/threaded

http://www.securityfocus.com/archive/1/444227/100/0/threaded

http://www.securityfocus.com/bid/19473

Exploit

http://www.vupen.com/english/advisories/2006/3259

https://exchange.xforce.ibmcloud.com/vulnerabilities/28341

https://nvd.nist.gov/vuln/detail/CVE-2006-4140

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-4140

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-4140

EUVD