CVE-2006-6104 (GCVE-0-2006-6104)
Vulnerability from cvelistv5
Published
2006-12-21 19:00
Modified
2024-08-07 20:12
Severity ?
CWE
  • n/a
Summary
The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending a space (%20) to a URI, and (2) read credentials via a request for Web.Config%20.
References
secalert@redhat.com http://fedoranews.org/cms/node/2400
secalert@redhat.com http://fedoranews.org/cms/node/2401
secalert@redhat.com http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html
secalert@redhat.com http://secunia.com/advisories/23432 Exploit, Patch, Vendor Advisory
secalert@redhat.com http://secunia.com/advisories/23435 Patch, Vendor Advisory
secalert@redhat.com http://secunia.com/advisories/23462 Patch, Vendor Advisory
secalert@redhat.com http://secunia.com/advisories/23597
secalert@redhat.com http://secunia.com/advisories/23727
secalert@redhat.com http://secunia.com/advisories/23776
secalert@redhat.com http://secunia.com/advisories/23779
secalert@redhat.com http://security.gentoo.org/glsa/glsa-200701-12.xml
secalert@redhat.com http://securityreason.com/securityalert/2082
secalert@redhat.com http://securitytracker.com/id?1017430
secalert@redhat.com http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html Exploit
secalert@redhat.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:234 Patch, Vendor Advisory
secalert@redhat.com http://www.securityfocus.com/archive/1/454962/100/0/threaded
secalert@redhat.com http://www.securityfocus.com/bid/21687 Exploit, Patch
secalert@redhat.com http://www.ubuntu.com/usn/usn-397-1 Patch
secalert@redhat.com http://www.vupen.com/english/advisories/2006/5099
secalert@redhat.com https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092
af854a3a-2127-422b-91ae-364da2661108 http://fedoranews.org/cms/node/2400
af854a3a-2127-422b-91ae-364da2661108 http://fedoranews.org/cms/node/2401
af854a3a-2127-422b-91ae-364da2661108 http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/23432 Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/23435 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/23462 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/23597
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/23727
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/23776
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/23779
af854a3a-2127-422b-91ae-364da2661108 http://security.gentoo.org/glsa/glsa-200701-12.xml
af854a3a-2127-422b-91ae-364da2661108 http://securityreason.com/securityalert/2082
af854a3a-2127-422b-91ae-364da2661108 http://securitytracker.com/id?1017430
af854a3a-2127-422b-91ae-364da2661108 http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html Exploit
af854a3a-2127-422b-91ae-364da2661108 http://www.mandriva.com/security/advisories?name=MDKSA-2006:234 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/454962/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/21687 Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108 http://www.ubuntu.com/usn/usn-397-1 Patch
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2006/5099
af854a3a-2127-422b-91ae-364da2661108 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:12:31.711Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-200701-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200701-12.xml"
          },
          {
            "name": "23597",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23597"
          },
          {
            "name": "ADV-2006-5099",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/5099"
          },
          {
            "name": "SUSE-SA:2007:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html"
          },
          {
            "name": "2082",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/2082"
          },
          {
            "name": "oval:org.mitre.oval:def:2092",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092"
          },
          {
            "name": "20061220 Mono XSP ASP.NET Server sourcecode disclosure vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/454962/100/0/threaded"
          },
          {
            "name": "1017430",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017430"
          },
          {
            "name": "FEDORA-2007-067",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/cms/node/2400"
          },
          {
            "name": "23462",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23462"
          },
          {
            "name": "23727",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23727"
          },
          {
            "name": "23779",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23779"
          },
          {
            "name": "MDKSA-2006:234",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:234"
          },
          {
            "name": "23776",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23776"
          },
          {
            "name": "21687",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/21687"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html"
          },
          {
            "name": "23435",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23435"
          },
          {
            "name": "23432",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23432"
          },
          {
            "name": "FEDORA-2007-068",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/cms/node/2401"
          },
          {
            "name": "USN-397-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-397-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-12-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending a space (%20) to a URI, and (2) read credentials via a request for Web.Config%20."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "GLSA-200701-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200701-12.xml"
        },
        {
          "name": "23597",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23597"
        },
        {
          "name": "ADV-2006-5099",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/5099"
        },
        {
          "name": "SUSE-SA:2007:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html"
        },
        {
          "name": "2082",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/2082"
        },
        {
          "name": "oval:org.mitre.oval:def:2092",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092"
        },
        {
          "name": "20061220 Mono XSP ASP.NET Server sourcecode disclosure vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/454962/100/0/threaded"
        },
        {
          "name": "1017430",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017430"
        },
        {
          "name": "FEDORA-2007-067",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/cms/node/2400"
        },
        {
          "name": "23462",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23462"
        },
        {
          "name": "23727",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23727"
        },
        {
          "name": "23779",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23779"
        },
        {
          "name": "MDKSA-2006:234",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:234"
        },
        {
          "name": "23776",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23776"
        },
        {
          "name": "21687",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/21687"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html"
        },
        {
          "name": "23435",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23435"
        },
        {
          "name": "23432",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23432"
        },
        {
          "name": "FEDORA-2007-068",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/cms/node/2401"
        },
        {
          "name": "USN-397-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-397-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2006-6104",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending a space (%20) to a URI, and (2) read credentials via a request for Web.Config%20."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-200701-12",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200701-12.xml"
            },
            {
              "name": "23597",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23597"
            },
            {
              "name": "ADV-2006-5099",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/5099"
            },
            {
              "name": "SUSE-SA:2007:002",
              "refsource": "SUSE",
              "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html"
            },
            {
              "name": "2082",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/2082"
            },
            {
              "name": "oval:org.mitre.oval:def:2092",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092"
            },
            {
              "name": "20061220 Mono XSP ASP.NET Server sourcecode disclosure vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/454962/100/0/threaded"
            },
            {
              "name": "1017430",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017430"
            },
            {
              "name": "FEDORA-2007-067",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/cms/node/2400"
            },
            {
              "name": "23462",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23462"
            },
            {
              "name": "23727",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23727"
            },
            {
              "name": "23779",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23779"
            },
            {
              "name": "MDKSA-2006:234",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:234"
            },
            {
              "name": "23776",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23776"
            },
            {
              "name": "21687",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/21687"
            },
            {
              "name": "http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html",
              "refsource": "MISC",
              "url": "http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html"
            },
            {
              "name": "23435",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23435"
            },
            {
              "name": "23432",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23432"
            },
            {
              "name": "FEDORA-2007-068",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/cms/node/2401"
            },
            {
              "name": "USN-397-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-397-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-6104",
    "datePublished": "2006-12-21T19:00:00",
    "dateReserved": "2006-11-24T00:00:00",
    "dateUpdated": "2024-08-07T20:12:31.711Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-6104\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2006-12-21T19:28:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending a space (%20) to a URI, and (2) read credentials via a request for Web.Config%20.\"},{\"lang\":\"es\",\"value\":\"La clase System.Web del XSP para el servidor ASP.NET desde la versi\u00f3n 1.1 hasta la 2.0 en Mono no verifica apropiadamente los nombres de rutas locales, lo cual permite a atacantes remotos (1)leer el c\u00f3digo fuente a\u00f1adiendo un espacio (%20) a la URI y (2) leer las credenciales mediante una petici\u00f3n al Web.Config%20.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mono:xsp:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7582C08-02F6-40C1-9B1C-180A812CDCA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mono:xsp:1.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8CA7330-4EAF-4AF3-9AFE-69A70D35222C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mono:xsp:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6106DBEE-4C36-4007-9E7F-149F4AC9BD09\"}]}]}],\"references\":[{\"url\":\"http://fedoranews.org/cms/node/2400\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://fedoranews.org/cms/node/2401\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/23432\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/23435\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/23462\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/23597\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/23727\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/23776\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/23779\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200701-12.xml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securityreason.com/securityalert/2082\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securitytracker.com/id?1017430\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:234\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/454962/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/21687\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-397-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/5099\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://fedoranews.org/cms/node/2400\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://fedoranews.org/cms/node/2401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/23432\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/23435\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/23462\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/23597\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/23727\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/23776\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/23779\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200701-12.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityreason.com/securityalert/2082\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1017430\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:234\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/454962/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/21687\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-397-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/5099\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.