CVE-2006-1598

Sažetak

AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension.

Reference

http://secunia.com/advisories/19326
http://secunia.com/secunia_research/2006-21/advisory
http://securitytracker.com/id?1015858
http://www.osvdb.org/24323
http://www.securityfocus.com/archive/1/429667/100/0/threaded
http://www.securityfocus.com/bid/17350
http://www.vupen.com/english/advisories/2006/1200
https://exchange.xforce.ibmcloud.com/vulnerabilities/25591

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:N/A:N

Zadnje važnije ažuriranje

18-10-2018 - 16:33

Objavljeno

03-04-2006 - 17:04