ID |
CVE-2006-5596
|
Summary |
Directory traversal vulnerability in the SSL server in AEP Smartgate 4.3b allows remote attackers to download arbitrary files via ..\ (dot dot backslash) sequences in an HTTP GET request. Update to version 4.3C or later. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.5 (as of 19-10-2017 - 01:29) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
|
Last major update |
19-10-2017 - 01:29 |
Published |
28-10-2006 - 00:07 |
Last modified |
19-10-2017 - 01:29 |