ID CVE-2006-1764
Summary Hosting Controller 6.1 stores forum/db/forum.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as user name and password credentials. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
References
Vulnerable Configurations
  • cpe:2.3:a:hosting_controller:hosting_controller:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:1.4:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:1.4b:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:1.4b:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:6.1:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.4:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.7:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.9:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.0:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.1:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.3:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.8:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:*:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:*:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:2002:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:2002:*:*:*:*:*:*:*
  • cpe:2.3:a:hosting_controller:hosting_controller:2002_rc_1:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:2002_rc_1:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 08-03-2011 - 02:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:N/A:N
refmap via4
osvdb 24447
secunia 19569
vupen ADV-2006-1268
Last major update 08-03-2011 - 02:33
Published 13-04-2006 - 01:06
Last modified 08-03-2011 - 02:33
Back to Top