CVE-2006-5819

Sažetak

Verity Ultraseek before 5.7 allows remote attackers to use the server as a proxy for web attacks and host scanning via a direct request to the highlight/index.html script.

Reference

http://securitytracker.com/id?1017235
http://www.kb.cert.org/vuls/id/559616
http://www.osvdb.org/22892
http://www.osvdb.org/30286
http://www.securityfocus.com/archive/1/451847/100/0/threaded
http://www.securityfocus.com/bid/21120
http://www.ultraseek.com/support/docs/RELNOTES.txt
http://www.zerodayinitiative.com/advisories/ZDI-06-042.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/30311

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

17-10-2018 - 21:45

Objavljeno

18-11-2006 - 00:07