Search criteria
3 vulnerabilities found for tippingpoint_sms_server by 3com
FKIE_CVE-2006-0993
Vulnerability from fkie_nvd - Published: 2006-05-10 02:22 - Updated: 2025-04-03 01:03
Severity ?
Summary
The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| 3com | tippingpoint_sms_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:3com:tippingpoint_sms_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8386EA42-F932-4562-A9AD-327BE51E2516",
"versionEndIncluding": "2.2.1.4477",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings."
}
],
"evaluatorSolution": "Upgrade to 3Com TippingPoint SMS Server version 2.2.1.4478",
"id": "CVE-2006-0993",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-05-10T02:22:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20058"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/870"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016051"
},
{
"source": "cve@mitre.org",
"url": "http://www.3com.com/securityalert/alerts/3COM-06-002.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/25360"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/433432/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/17935"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/1752"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-013.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016051"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.3com.com/securityalert/alerts/3COM-06-002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/25360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/433432/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/17935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/1752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26338"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2006-0993 (GCVE-0-2006-0993)
Vulnerability from cvelistv5 – Published: 2006-05-10 01:00 – Updated: 2024-08-07 16:56
VLAI?
Summary
The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:56:15.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060509 ZDI-06-013: 3Com TippingPoint SMS Server Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/433432/100/0/threaded"
},
{
"name": "17935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17935"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-013.html"
},
{
"name": "20058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20058"
},
{
"name": "tippingpoint-sms-information-disclosure(26338)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26338"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.3com.com/securityalert/alerts/3COM-06-002.html"
},
{
"name": "1016051",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016051"
},
{
"name": "870",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/870"
},
{
"name": "25360",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25360"
},
{
"name": "ADV-2006-1752",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1752"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060509 ZDI-06-013: 3Com TippingPoint SMS Server Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/433432/100/0/threaded"
},
{
"name": "17935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17935"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-013.html"
},
{
"name": "20058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20058"
},
{
"name": "tippingpoint-sms-information-disclosure(26338)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26338"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.3com.com/securityalert/alerts/3COM-06-002.html"
},
{
"name": "1016051",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016051"
},
{
"name": "870",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/870"
},
{
"name": "25360",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25360"
},
{
"name": "ADV-2006-1752",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1752"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060509 ZDI-06-013: 3Com TippingPoint SMS Server Information Disclosure Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433432/100/0/threaded"
},
{
"name": "17935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17935"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-013.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-013.html"
},
{
"name": "20058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20058"
},
{
"name": "tippingpoint-sms-information-disclosure(26338)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26338"
},
{
"name": "http://www.3com.com/securityalert/alerts/3COM-06-002.html",
"refsource": "CONFIRM",
"url": "http://www.3com.com/securityalert/alerts/3COM-06-002.html"
},
{
"name": "1016051",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016051"
},
{
"name": "870",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/870"
},
{
"name": "25360",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25360"
},
{
"name": "ADV-2006-1752",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1752"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0993",
"datePublished": "2006-05-10T01:00:00",
"dateReserved": "2006-03-03T00:00:00",
"dateUpdated": "2024-08-07T16:56:15.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0993 (GCVE-0-2006-0993)
Vulnerability from nvd – Published: 2006-05-10 01:00 – Updated: 2024-08-07 16:56
VLAI?
Summary
The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:56:15.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060509 ZDI-06-013: 3Com TippingPoint SMS Server Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/433432/100/0/threaded"
},
{
"name": "17935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17935"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-013.html"
},
{
"name": "20058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20058"
},
{
"name": "tippingpoint-sms-information-disclosure(26338)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26338"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.3com.com/securityalert/alerts/3COM-06-002.html"
},
{
"name": "1016051",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016051"
},
{
"name": "870",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/870"
},
{
"name": "25360",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25360"
},
{
"name": "ADV-2006-1752",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1752"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060509 ZDI-06-013: 3Com TippingPoint SMS Server Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/433432/100/0/threaded"
},
{
"name": "17935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17935"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-013.html"
},
{
"name": "20058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20058"
},
{
"name": "tippingpoint-sms-information-disclosure(26338)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26338"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.3com.com/securityalert/alerts/3COM-06-002.html"
},
{
"name": "1016051",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016051"
},
{
"name": "870",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/870"
},
{
"name": "25360",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25360"
},
{
"name": "ADV-2006-1752",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1752"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060509 ZDI-06-013: 3Com TippingPoint SMS Server Information Disclosure Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433432/100/0/threaded"
},
{
"name": "17935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17935"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-013.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-013.html"
},
{
"name": "20058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20058"
},
{
"name": "tippingpoint-sms-information-disclosure(26338)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26338"
},
{
"name": "http://www.3com.com/securityalert/alerts/3COM-06-002.html",
"refsource": "CONFIRM",
"url": "http://www.3com.com/securityalert/alerts/3COM-06-002.html"
},
{
"name": "1016051",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016051"
},
{
"name": "870",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/870"
},
{
"name": "25360",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25360"
},
{
"name": "ADV-2006-1752",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1752"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0993",
"datePublished": "2006-05-10T01:00:00",
"dateReserved": "2006-03-03T00:00:00",
"dateUpdated": "2024-08-07T16:56:15.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}