cvelistv5 - cve-2006-4244

CVE-2006-4244 (GCVE-0-2006-4244)

Vulnerability from cvelistv5

Published

2006-08-31 01:00

Modified

2024-08-07 19:06

Severity ?

CWE

Summary

SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie and the parameter to the same value.

References

►

URL

Tags

security@debian.org	http://secunia.com/advisories/21689	Vendor Advisory
security@debian.org	http://securityreason.com/securityalert/1472
security@debian.org	http://www.securityfocus.com/archive/1/444741/100/0/threaded
security@debian.org	http://www.securityfocus.com/archive/1/445512	Exploit
security@debian.org	http://www.securityfocus.com/bid/19758
security@debian.org	http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html&title=What%27s%20New
security@debian.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/28671
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21689	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/1472
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/444741/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/445512	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/19758
af854a3a-2127-422b-91ae-364da2661108	http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html&title=What%27s%20New
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/28671

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:06:06.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html\u0026title=What%27s%20New"
          },
          {
            "name": "sql-ledger-session-unauth-access(28671)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28671"
          },
          {
            "name": "19758",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19758"
          },
          {
            "name": "21689",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21689"
          },
          {
            "name": "20060830 SQL-Ledger serious security vulnerability and workaround",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/444741/100/0/threaded"
          },
          {
            "name": "20060907 Full Disclosure for SQL-Ledger vulnerability CVE-2006-4244",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/445512"
          },
          {
            "name": "1472",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1472"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-08-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie and the parameter to the same value."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html\u0026title=What%27s%20New"
        },
        {
          "name": "sql-ledger-session-unauth-access(28671)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28671"
        },
        {
          "name": "19758",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19758"
        },
        {
          "name": "21689",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21689"
        },
        {
          "name": "20060830 SQL-Ledger serious security vulnerability and workaround",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/444741/100/0/threaded"
        },
        {
          "name": "20060907 Full Disclosure for SQL-Ledger vulnerability CVE-2006-4244",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/445512"
        },
        {
          "name": "1472",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1472"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2006-4244",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie and the parameter to the same value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html\u0026title=What\u0027s%20New",
              "refsource": "CONFIRM",
              "url": "http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html\u0026title=What\u0027s%20New"
            },
            {
              "name": "sql-ledger-session-unauth-access(28671)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28671"
            },
            {
              "name": "19758",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19758"
            },
            {
              "name": "21689",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21689"
            },
            {
              "name": "20060830 SQL-Ledger serious security vulnerability and workaround",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/444741/100/0/threaded"
            },
            {
              "name": "20060907 Full Disclosure for SQL-Ledger vulnerability CVE-2006-4244",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/445512"
            },
            {
              "name": "1472",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/1472"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2006-4244",
    "datePublished": "2006-08-31T01:00:00",
    "dateReserved": "2006-08-21T00:00:00",
    "dateUpdated": "2024-08-07T19:06:06.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-4244\",\"sourceIdentifier\":\"security@debian.org\",\"published\":\"2006-08-31T01:04:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie and the parameter to the same value.\"},{\"lang\":\"es\",\"value\":\"SQL-Ledger 2.4.4 a la 2.6.17 valida usuarios a trav\u00e9s de la verificaci\u00f3n del valor de la cookie sql-ledger-[username] selecciona el valor del par\u00e1metro sessionid, lo cual permite a un atacante remoto aumentar el acceso como cualquier usuario validado a trav\u00e9s de la configuraci\u00f3n la cookie y el par\u00e1metro con el mismo valor.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96A468DE-4EA0-40E5-848C-9A046E9EE073\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AB67B38-EB93-4F07-B57D-20D839036341\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA5C8095-CDB8-40D3-8AE1-0F31B62DA859\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E93E88F3-AAB8-424A-909D-187490A569DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9379DECB-18FB-47FF-B6CA-FEDE70BD0090\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DE7C358-802F-47B9-B905-72077F0C27D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08C91CB6-C4C3-4964-875B-868FCF2AFB33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AA97417-7192-4BC7-8C6D-CF2F311491AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB579DCA-1C5C-4EA3-9EFA-B440D64B771F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.4.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51CD497C-6B27-440C-ADD3-9CCE7835B512\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.4.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8647ABC-1F51-4E3C-A362-ECE15961F7AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.4.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5587FE38-7533-45CD-B238-88691B8B0ACD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.4.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1942D52F-6877-4B81-9157-D5CAB707D66D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFBA608E-699C-4D60-AF1F-1BBA3862A47B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5699B67-86B0-47FE-90D9-D409F6FABC15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D11204D-B57D-40E6-B8FE-59F48BE8EAD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C31AB41D-86C9-4063-9D63-DEF9C463CB6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"388D505B-8227-4C5F-93BA-B37B7FCE08A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9895620D-BABD-4A4A-A196-BC5FCC549FE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A067D306-200B-4EF6-A58F-0222FDA16C7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46865444-8B28-4DBA-8086-E2C5B5E4D33D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C671286-D9AC-46F0-866F-B530C25901FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE5762E9-A65D-43D1-AE6F-D00469F2C1F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A017D9C-78DE-4D35-AE6E-032311F8CF22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0F9DB72-874F-4369-AE14-EF33B98574E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08A78E62-B64F-4A3F-A89A-86D19E7FA403\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB32ED5F-490C-4C72-96EF-FE1B239A1841\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE241D6D-6802-4BA6-B526-15824976C8BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EC578E3-D2DF-497B-8D25-AE64AA39DEBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DAE416E-30A9-4AB3-B968-BB17EB1889F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12BFEF80-BCC4-44BC-A7B6-D688F1688A96\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD7E5E53-3B67-46CA-A85F-37A93958A4BD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD66FE58-EF0E-4F02-9FDB-8AB5C715FCD6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32309E76-7795-47B7-937E-CB6122A1BBB0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD3EDFA2-8A21-4331-9715-3204DAA22845\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3635B9CC-E41D-4B08-8790-088035A1BB77\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35CDD731-E995-4513-9AC4-D0EE9820E995\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42CAECC0-260F-4B61-ACC6-18C075003FBB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EC85020-344F-4B75-A79E-CA190FD8D335\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F314723-AE62-4DA9-8904-B27DD1D3AA28\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.6.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BB097CC-822C-4271-8D86-C978E3687630\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5C8571C-8240-4DA2-9190-AA5844ACE954\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8D4DB7D-B779-42C3-87E0-F19FD546B1D0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9347B79-BF54-45B9-91BE-10AC9B8CAE1D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80606CA8-22A2-4B8B-870D-80723DBA2EB4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E4E69D9-273F-4816-B793-2F6BAF764C74\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F81B17BD-570A-4FB2-B9F3-D7FA1230FB39\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EC2718E-D742-4E6A-BBA2-4FE16AB9F808\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA77D30D-51F9-4B1D-8BCF-3725BDA43526\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E9B5E2C-8C1C-4C47-B69D-A1AA17F9AAAC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79497E96-8A63-4D02-A6C4-490146BFCDAC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D962297-E903-4F52-A572-B58D056248E4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD2CB622-0A42-4498-9218-EC691772BF83\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C42629C1-3BC6-40AE-9A5C-F6E8CF5BD88E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E89B5D37-EFC0-4C4C-AF9C-7504FBDB9DFE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F47E4D57-7CC5-493E-97BF-E46A50D8CF84\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17E2A5DA-FB9F-43C7-BF0E-D2015064B8BB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23E2D064-9D18-4868-A8C1-2CED2755425F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2C3C7C0-F508-4565-BD6E-4C54A4DA0E9F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:sql-ledger:sql-ledger:2.8.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4882BC7-93D6-457C-BFB8-633115F04E7E\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/21689\",\"source\":\"security@debian.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/1472\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/444741/100/0/threaded\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/445512\",\"source\":\"security@debian.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/19758\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html\u0026title=What%27s%20New\",\"source\":\"security@debian.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/28671\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/21689\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/1472\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/444741/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/445512\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/19758\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html\u0026title=What%27s%20New\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/28671\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

fkie_cve-2006-4244

Vulnerability from fkie_nvd

Published

2006-08-31 01:04

Modified

2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
security@debian.org	http://secunia.com/advisories/21689	Vendor Advisory
security@debian.org	http://securityreason.com/securityalert/1472
security@debian.org	http://www.securityfocus.com/archive/1/444741/100/0/threaded
security@debian.org	http://www.securityfocus.com/archive/1/445512	Exploit
security@debian.org	http://www.securityfocus.com/bid/19758
security@debian.org	http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html&title=What%27s%20New
security@debian.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/28671
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21689	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/1472
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/444741/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/445512	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/19758
af854a3a-2127-422b-91ae-364da2661108	http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html&title=What%27s%20New
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/28671

Impacted products

Vendor	Product	Version
sql-ledger	sql-ledger	2.4.4
sql-ledger	sql-ledger	2.4.5
sql-ledger	sql-ledger	2.4.6
sql-ledger	sql-ledger	2.4.7
sql-ledger	sql-ledger	2.4.8
sql-ledger	sql-ledger	2.4.9
sql-ledger	sql-ledger	2.4.10
sql-ledger	sql-ledger	2.4.11
sql-ledger	sql-ledger	2.4.12
sql-ledger	sql-ledger	2.4.13
sql-ledger	sql-ledger	2.4.14
sql-ledger	sql-ledger	2.4.15
sql-ledger	sql-ledger	2.4.16
sql-ledger	sql-ledger	2.6.0
sql-ledger	sql-ledger	2.6.1
sql-ledger	sql-ledger	2.6.2
sql-ledger	sql-ledger	2.6.3
sql-ledger	sql-ledger	2.6.4
sql-ledger	sql-ledger	2.6.5
sql-ledger	sql-ledger	2.6.6
sql-ledger	sql-ledger	2.6.7
sql-ledger	sql-ledger	2.6.8
sql-ledger	sql-ledger	2.6.9
sql-ledger	sql-ledger	2.6.10
sql-ledger	sql-ledger	2.6.11
sql-ledger	sql-ledger	2.6.12
sql-ledger	sql-ledger	2.6.13
sql-ledger	sql-ledger	2.6.14
sql-ledger	sql-ledger	2.6.15
sql-ledger	sql-ledger	2.6.16
sql-ledger	sql-ledger	2.6.17
sql-ledger	sql-ledger	2.6.18
sql-ledger	sql-ledger	2.6.19
sql-ledger	sql-ledger	2.6.20
sql-ledger	sql-ledger	2.6.21
sql-ledger	sql-ledger	2.6.22
sql-ledger	sql-ledger	2.6.23
sql-ledger	sql-ledger	2.6.24
sql-ledger	sql-ledger	2.6.25
sql-ledger	sql-ledger	2.6.26
sql-ledger	sql-ledger	2.6.27
sql-ledger	sql-ledger	2.8.0
sql-ledger	sql-ledger	2.8.1
sql-ledger	sql-ledger	2.8.2
sql-ledger	sql-ledger	2.8.3
sql-ledger	sql-ledger	2.8.4
sql-ledger	sql-ledger	2.8.5
sql-ledger	sql-ledger	2.8.6
sql-ledger	sql-ledger	2.8.7
sql-ledger	sql-ledger	2.8.8
sql-ledger	sql-ledger	2.8.9
sql-ledger	sql-ledger	2.8.10
sql-ledger	sql-ledger	2.8.11
sql-ledger	sql-ledger	2.8.12
sql-ledger	sql-ledger	2.8.13
sql-ledger	sql-ledger	2.8.14
sql-ledger	sql-ledger	2.8.15
sql-ledger	sql-ledger	2.8.16
sql-ledger	sql-ledger	2.8.17
sql-ledger	sql-ledger	2.8.18

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "96A468DE-4EA0-40E5-848C-9A046E9EE073",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB67B38-EB93-4F07-B57D-20D839036341",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5C8095-CDB8-40D3-8AE1-0F31B62DA859",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E93E88F3-AAB8-424A-909D-187490A569DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "9379DECB-18FB-47FF-B6CA-FEDE70BD0090",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DE7C358-802F-47B9-B905-72077F0C27D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "08C91CB6-C4C3-4964-875B-868FCF2AFB33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AA97417-7192-4BC7-8C6D-CF2F311491AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB579DCA-1C5C-4EA3-9EFA-B440D64B771F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "51CD497C-6B27-440C-ADD3-9CCE7835B512",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8647ABC-1F51-4E3C-A362-ECE15961F7AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "5587FE38-7533-45CD-B238-88691B8B0ACD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "1942D52F-6877-4B81-9157-D5CAB707D66D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFBA608E-699C-4D60-AF1F-1BBA3862A47B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5699B67-86B0-47FE-90D9-D409F6FABC15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D11204D-B57D-40E6-B8FE-59F48BE8EAD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C31AB41D-86C9-4063-9D63-DEF9C463CB6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "388D505B-8227-4C5F-93BA-B37B7FCE08A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9895620D-BABD-4A4A-A196-BC5FCC549FE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A067D306-200B-4EF6-A58F-0222FDA16C7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "46865444-8B28-4DBA-8086-E2C5B5E4D33D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C671286-D9AC-46F0-866F-B530C25901FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE5762E9-A65D-43D1-AE6F-D00469F2C1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A017D9C-78DE-4D35-AE6E-032311F8CF22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0F9DB72-874F-4369-AE14-EF33B98574E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "08A78E62-B64F-4A3F-A89A-86D19E7FA403",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB32ED5F-490C-4C72-96EF-FE1B239A1841",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE241D6D-6802-4BA6-B526-15824976C8BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EC578E3-D2DF-497B-8D25-AE64AA39DEBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DAE416E-30A9-4AB3-B968-BB17EB1889F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "12BFEF80-BCC4-44BC-A7B6-D688F1688A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD7E5E53-3B67-46CA-A85F-37A93958A4BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD66FE58-EF0E-4F02-9FDB-8AB5C715FCD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "32309E76-7795-47B7-937E-CB6122A1BBB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD3EDFA2-8A21-4331-9715-3204DAA22845",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3635B9CC-E41D-4B08-8790-088035A1BB77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "35CDD731-E995-4513-9AC4-D0EE9820E995",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "42CAECC0-260F-4B61-ACC6-18C075003FBB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EC85020-344F-4B75-A79E-CA190FD8D335",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F314723-AE62-4DA9-8904-B27DD1D3AA28",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BB097CC-822C-4271-8D86-C978E3687630",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5C8571C-8240-4DA2-9190-AA5844ACE954",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8D4DB7D-B779-42C3-87E0-F19FD546B1D0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9347B79-BF54-45B9-91BE-10AC9B8CAE1D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "80606CA8-22A2-4B8B-870D-80723DBA2EB4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4E69D9-273F-4816-B793-2F6BAF764C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F81B17BD-570A-4FB2-B9F3-D7FA1230FB39",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EC2718E-D742-4E6A-BBA2-4FE16AB9F808",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA77D30D-51F9-4B1D-8BCF-3725BDA43526",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E9B5E2C-8C1C-4C47-B69D-A1AA17F9AAAC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "79497E96-8A63-4D02-A6C4-490146BFCDAC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D962297-E903-4F52-A572-B58D056248E4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD2CB622-0A42-4498-9218-EC691772BF83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "C42629C1-3BC6-40AE-9A5C-F6E8CF5BD88E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "E89B5D37-EFC0-4C4C-AF9C-7504FBDB9DFE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F47E4D57-7CC5-493E-97BF-E46A50D8CF84",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "17E2A5DA-FB9F-43C7-BF0E-D2015064B8BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "23E2D064-9D18-4868-A8C1-2CED2755425F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C3C7C0-F508-4565-BD6E-4C54A4DA0E9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4882BC7-93D6-457C-BFB8-633115F04E7E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie and the parameter to the same value."
    },
    {
      "lang": "es",
      "value": "SQL-Ledger 2.4.4 a la 2.6.17 valida usuarios a trav\u00e9s de la verificaci\u00f3n del valor de la cookie sql-ledger-[username] selecciona el valor del par\u00e1metro sessionid, lo cual permite a un atacante remoto aumentar el acceso como cualquier usuario validado a trav\u00e9s de la configuraci\u00f3n la cookie y el par\u00e1metro con el mismo valor."
    }
  ],
  "id": "CVE-2006-4244",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-08-31T01:04:00.000",
  "references": [
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21689"
    },
    {
      "source": "security@debian.org",
      "url": "http://securityreason.com/securityalert/1472"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.securityfocus.com/archive/1/444741/100/0/threaded"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/archive/1/445512"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.securityfocus.com/bid/19758"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html\u0026title=What%27s%20New"
    },
    {
      "source": "security@debian.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28671"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21689"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/1472"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/444741/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/archive/1/445512"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/19758"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html\u0026title=What%27s%20New"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28671"
    }
  ],
  "sourceIdentifier": "security@debian.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2006-4244

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2006-4244

Aliases

CVE-2006-4244

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-4244",
    "description": "SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie and the parameter to the same value.",
    "id": "GSD-2006-4244",
    "references": [
      "https://www.debian.org/security/2006/dsa-1239"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-4244"
      ],
      "details": "SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie and the parameter to the same value.",
      "id": "GSD-2006-4244",
      "modified": "2023-12-13T01:19:51.383590Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@debian.org",
        "ID": "CVE-2006-4244",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie and the parameter to the same value."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html\u0026title=What\u0027s%20New",
            "refsource": "CONFIRM",
            "url": "http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html\u0026title=What\u0027s%20New"
          },
          {
            "name": "sql-ledger-session-unauth-access(28671)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28671"
          },
          {
            "name": "19758",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/19758"
          },
          {
            "name": "21689",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21689"
          },
          {
            "name": "20060830 SQL-Ledger serious security vulnerability and workaround",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/444741/100/0/threaded"
          },
          {
            "name": "20060907 Full Disclosure for SQL-Ledger vulnerability CVE-2006-4244",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/445512"
          },
          {
            "name": "1472",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/1472"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.27:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.6.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:sql-ledger:sql-ledger:2.8.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2006-4244"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie and the parameter to the same value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "19758",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/19758"
            },
            {
              "name": "21689",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/21689"
            },
            {
              "name": "20060907 Full Disclosure for SQL-Ledger vulnerability CVE-2006-4244",
              "refsource": "BUGTRAQ",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/archive/1/445512"
            },
            {
              "name": "1472",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/1472"
            },
            {
              "name": "sql-ledger-session-unauth-access(28671)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28671"
            },
            {
              "name": "http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html\u0026title=What\u0027s%20New",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html\u0026title=What\u0027s%20New"
            },
            {
              "name": "20060830 SQL-Ledger serious security vulnerability and workaround",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/444741/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-17T21:34Z",
      "publishedDate": "2006-08-31T01:04Z"
    }
  }
}

ghsa-v76g-p5xj-4qm7

Vulnerability from github

Published

2022-05-01 07:16

Modified

2025-04-03 04:39

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-4244"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-08-31T01:04:00Z",
    "severity": "HIGH"
  },
  "details": "SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie and the parameter to the same value.",
  "id": "GHSA-v76g-p5xj-4qm7",
  "modified": "2025-04-03T04:39:29Z",
  "published": "2022-05-01T07:16:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4244"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28671"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21689"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/1472"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/444741/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/445512"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/19758"
    },
    {
      "type": "WEB",
      "url": "http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html\u0026title=What%27s%20New"
    },
    {
      "type": "WEB",
      "url": "http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html\u0026title=What\u0027s%20New"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2006-4244 (GCVE-0-2006-4244)

Vulnerability from cvelistv5

fkie_cve-2006-4244

Vulnerability from fkie_nvd

gsd-2006-4244

Vulnerability from gsd

ghsa-v76g-p5xj-4qm7

Vulnerability from github

Tags

Sightings

Nomenclature