1. CVE-Search
  2. CVE-2006-4140
ID CVE-2006-4140
Summary Directory traversal vulnerability in IPCheck Server Monitor before 5.3.3.639/640 allows remote attackers to read arbitrary files via modified .. (dot dot) sequences in the URL, including (1) "..%2f" (encoded "/" slash), "..../" (multiple dot), and "..%255c../" (double-encoded "\" backslash).
References
Vulnerable Configurations
  • cpe:2.3:a:ipcheck:server_monitor:4.3.1.368:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:4.3.1.368:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:4.3.1.382:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:4.3.1.382:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:4.4.1.521:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:4.4.1.521:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:4.4.1.522:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:4.4.1.522:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.0.1.272:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.0.1.272:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.0.1.299:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.0.1.299:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.0.1.309:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.0.1.309:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.0.1.321:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.0.1.321:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.1.0.341:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.1.0.341:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.1.0.342:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.1.0.342:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.1.0.345:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.1.0.345:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.2.0.404:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.2.0.404:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.2.0.405:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.2.0.405:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.2.0.418:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.2.0.418:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.2.0.420:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.2.0.420:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.2.2.449:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.2.2.449:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.2.2.451:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.2.2.451:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.0.506:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.0.506:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.0.507:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.0.507:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.0.508:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.0.508:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.0.509:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.0.509:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.1.574:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.1.574:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.1.575:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.1.575:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.1.578:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.1.578:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.1.579:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.1.579:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.1.580:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.1.580:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.1.581:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.1.581:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.1.586:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.1.586:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.1.587:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.1.587:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.2.605:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.2.605:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.2.606:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.2.606:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.2.609:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.2.609:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.2.610:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.2.610:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.2.616:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.2.616:*:*:*:*:*:*:*
  • cpe:2.3:a:ipcheck:server_monitor:5.3.2.617:*:*:*:*:*:*:*
    cpe:2.3:a:ipcheck:server_monitor:5.3.2.617:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 17-10-2018 - 21:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 19473
bugtraq
  • 20060810 Directory Traversal vulnerability in IPCheck Monitor Server
  • 20060824 Re: Directory Traversal vulnerability in IPCheck Monitor Server
confirm
sectrack 1016676
secunia 21468
sreason 1389
vupen ADV-2006-3259
xf ipcheck-url-directory-traversal(28341)
Last major update 17-10-2018 - 21:33
Published 14-08-2006 - 23:04
Last modified 17-10-2018 - 21:33
Back to Top