cvelistv5 - cve-2006-3290

CVE-2006-3290 (GCVE-0-2006-3290)

Vulnerability from cvelistv5 – Published: 2006-06-28 23:00 – Updated: 2024-08-07 18:23

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2006/2583	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/20870	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.cisco.com/warp/public/707/cisco-sa-200…	vendor-advisoryx_refsource_CISCO
	http://securitytracker.com/id?1016398	vdb-entryx_refsource_SECTRACK
	http://www.osvdb.org/26879	vdb-entryx_refsource_OSVDB
	http://www.securityfocus.com/bid/18701	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:23:21.169Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2006-2583",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2583"
          },
          {
            "name": "20870",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20870"
          },
          {
            "name": "cisco-wcs-http-information-disclosure(27442)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27442"
          },
          {
            "name": "20060628 Multiple Vulnerabilities in Wireless Control System",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml"
          },
          {
            "name": "1016398",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016398"
          },
          {
            "name": "26879",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/26879"
          },
          {
            "name": "18701",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18701"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-06-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2006-2583",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2583"
        },
        {
          "name": "20870",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20870"
        },
        {
          "name": "cisco-wcs-http-information-disclosure(27442)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27442"
        },
        {
          "name": "20060628 Multiple Vulnerabilities in Wireless Control System",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml"
        },
        {
          "name": "1016398",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016398"
        },
        {
          "name": "26879",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/26879"
        },
        {
          "name": "18701",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18701"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3290",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2006-2583",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2583"
            },
            {
              "name": "20870",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20870"
            },
            {
              "name": "cisco-wcs-http-information-disclosure(27442)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27442"
            },
            {
              "name": "20060628 Multiple Vulnerabilities in Wireless Control System",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml"
            },
            {
              "name": "1016398",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016398"
            },
            {
              "name": "26879",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/26879"
            },
            {
              "name": "18701",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18701"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3290",
    "datePublished": "2006-06-28T23:00:00",
    "dateReserved": "2006-06-28T00:00:00",
    "dateUpdated": "2024-08-07T18:23:21.169Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:wireless_control_system:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.2\\\\(51\\\\)\", \"matchCriteriaId\": \"1B0A192A-AC2C-494D-9AFD-EB4C5DA536B4\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request.\"}, {\"lang\": \"es\", \"value\": \"El servidor HTTP de Cisco Wireless Control System (WCS) para Linux y Windows en sus versiones anteriores a la v3.2(51) almacena informaci\\u00f3n confidencial bajo el directorio raiz web con insuficiente control de acceso, lo que permite a atacantes remotos obtener nombres de usuario y rutas de directorios a trav\\u00e9s de peticiones directas de URL.\"}]",
      "id": "CVE-2006-3290",
      "lastModified": "2024-11-21T00:13:15.963",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2006-06-28T23:05:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/20870\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1016398\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.osvdb.org/26879\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/18701\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/2583\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/27442\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/20870\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1016398\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.osvdb.org/26879\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/18701\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/2583\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/27442\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-3290\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-06-28T23:05:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request.\"},{\"lang\":\"es\",\"value\":\"El servidor HTTP de Cisco Wireless Control System (WCS) para Linux y Windows en sus versiones anteriores a la v3.2(51) almacena informaci\u00f3n confidencial bajo el directorio raiz web con insuficiente control de acceso, lo que permite a atacantes remotos obtener nombres de usuario y rutas de directorios a trav\u00e9s de peticiones directas de URL.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:wireless_control_system:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.2\\\\(51\\\\)\",\"matchCriteriaId\":\"1B0A192A-AC2C-494D-9AFD-EB4C5DA536B4\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/20870\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1016398\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.osvdb.org/26879\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/18701\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/2583\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27442\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/20870\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1016398\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.osvdb.org/26879\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/18701\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/2583\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27442\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

VAR-200606-0250

Vulnerability from variot - Updated: 2023-12-18 12:13

HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request. Cisco Wireless Control System is prone to multiple security vulnerabilities. The following issues have been disclosed: - Authorization-bypass vulnerability due to multiple hardcoded username and password pairs - Arbitrary file access vulnerability - Cross-site scripting vulnerability - Information-disclosure vulnerability An attacker can exploit these issues to retrieve potentially sensitive information, overwrite files, perform cross-site scripting attacks, and gain unauthorized access; other attacks are also possible.

Reverse Engineer Wanted

Secunia offers a Security Specialist position with emphasis on reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerability reports.

http://secunia.com/secunia_security_specialist/

TITLE: Cisco Wireless Control System Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA20870

VERIFY ADVISORY: http://secunia.com/advisories/20870/

CRITICAL: Moderately critical

IMPACT: Security Bypass, Cross Site Scripting, Exposure of system information, Exposure of sensitive information, System access

WHERE:

From remote

SOFTWARE: Cisco Wireless Control System (WCS) 1.x http://secunia.com/product/6332/

DESCRIPTION: Some vulnerabilities and a security issue have been reported in Cisco Wireless Control System (WCS), which can be exploited by malicious, local users to gain knowledge of sensitive information, and by malicious people to gain knowledge of sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions and potentially compromise a vulnerable system.

1) An undocumented username and hard-coded password exists in the WCS. This can be exploited to connect to the WCS internal database and to gain access to the configuration information of managed wireless access points.

The security issue has been reported in WCS for Linux and Windows 3.2(40) and prior.

2) Undocumented database username and password are stored in clear text in several WCS files. This can potentially be exploited by local users to gain knowledge of the user credentials and to gain access to the database.

The vulnerability has been reported in WCS for Linux and Windows 3.2(51) and prior.

3) An error within the internal TFTP server allows reading from or writing to arbitrary locations in the filesystem of a WCS system.

Successful exploitation requires that the configured root directory of the TFTP server contains a space character.

The vulnerability has been reported in WCS for Linux and Windows 3.2(51) and prior.

4) Input passed to the unspecified parameter in login page is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability has been reported in WCS for Linux and Windows 3.2(51) and prior.

Note: It has also been reported that WCS for Linux and Windows 4.0(1) and prior are installed with a default administrator username root, with a default password of public.

SOLUTION: Update to WCS for Linux and Windows 3.2(63) or later. http://www.cisco.com/public/sw-center/sw-usingswc.shtml

Default administrator passwords should be changed after installation.

PROVIDED AND/OR DISCOVERED BY: Reported by vendor.

ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200606-0250",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wireless control system",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.2\\(51\\)"
      },
      {
        "model": "wireless control system",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "3.2\\(51\\)"
      },
      {
        "model": "wireless control system software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "wireless control system software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.2"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "18701"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3290"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200606-562"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:wireless_control_system:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.2\\(51\\)",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-3290"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Security bulletin",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200606-562"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-3290",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-19398",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2006-3290",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200606-562",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-19398",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19398"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3290"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200606-562"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request. Cisco Wireless Control System is prone to multiple security vulnerabilities. \nThe following issues have been disclosed:\n- Authorization-bypass vulnerability due to multiple hardcoded username and password pairs\n- Arbitrary file access vulnerability\n- Cross-site scripting vulnerability\n- Information-disclosure vulnerability\nAn attacker can exploit these issues to retrieve potentially sensitive information, overwrite files, perform cross-site scripting attacks, and gain unauthorized access; other attacks are also possible. \n\n----------------------------------------------------------------------\n\nReverse Engineer Wanted\n\nSecunia offers a Security Specialist position with emphasis on\nreverse engineering of software and exploit code, auditing of\nsource code, and analysis of vulnerability reports. \n\nhttp://secunia.com/secunia_security_specialist/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Wireless Control System Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA20870\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/20870/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSecurity Bypass, Cross Site Scripting, Exposure of system\ninformation, Exposure of sensitive information, System access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nCisco Wireless Control System (WCS) 1.x\nhttp://secunia.com/product/6332/\n\nDESCRIPTION:\nSome vulnerabilities and a security issue have been reported in Cisco\nWireless Control System (WCS), which can be exploited by malicious,\nlocal users to gain knowledge of sensitive information, and by\nmalicious people to gain knowledge of sensitive information, conduct\ncross-site scripting attacks, bypass certain security restrictions\nand potentially compromise a vulnerable system. \n\n1) An undocumented username and hard-coded password exists in the\nWCS. This can be exploited to connect to the WCS internal database\nand to gain access to the configuration information of managed\nwireless access points. \n\nThe security issue has been reported in WCS for Linux and Windows\n3.2(40) and prior. \n\n2) Undocumented database username and password are stored in clear\ntext in several WCS files. This can potentially be exploited by local\nusers to gain knowledge of the user credentials and to gain access to\nthe database. \n\nThe vulnerability has been reported in WCS for Linux and Windows\n3.2(51) and prior. \n\n3) An error within the internal TFTP server allows reading from or\nwriting to arbitrary locations in the filesystem of a WCS system. \n\nSuccessful exploitation requires that the configured root directory\nof the TFTP server contains a space character. \n\nThe vulnerability has been reported in WCS for Linux and Windows\n3.2(51) and prior. \n\n4) Input passed to the unspecified parameter in login page is not\nproperly sanitised before being returned to the user. This can be\nexploited to execute arbitrary HTML and script code in a user\u0027s\nbrowser session in context of an affected site. \n\nThe vulnerability has been reported in WCS for Linux and Windows\n3.2(51) and prior. \n\nThe vulnerability has been reported in WCS for Linux and Windows\n3.2(51) and prior. \n\nNote: It has also been reported that WCS for Linux and Windows 4.0(1)\nand prior are installed with a default administrator username root,\nwith a default password of public. \n\nSOLUTION:\nUpdate to WCS for Linux and Windows 3.2(63) or later. \nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml\n\nDefault administrator passwords should be changed after installation. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-3290"
      },
      {
        "db": "BID",
        "id": "18701"
      },
      {
        "db": "VULHUB",
        "id": "VHN-19398"
      },
      {
        "db": "PACKETSTORM",
        "id": "47889"
      }
    ],
    "trust": 1.35
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "18701",
        "trust": 2.0
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3290",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "20870",
        "trust": 1.8
      },
      {
        "db": "OSVDB",
        "id": "26879",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-2583",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1016398",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200606-562",
        "trust": 0.7
      },
      {
        "db": "CISCO",
        "id": "20060628 MULTIPLE VULNERABILITIES IN WIRELESS CONTROL SYSTEM",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "27442",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-19398",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "47889",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19398"
      },
      {
        "db": "BID",
        "id": "18701"
      },
      {
        "db": "PACKETSTORM",
        "id": "47889"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3290"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200606-562"
      }
    ]
  },
  "id": "VAR-200606-0250",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19398"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:13:11.784000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-3290"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/18701"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/26879"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1016398"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/20870"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2006/2583"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27442"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2006/2583"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/27442"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/sw/voicesw/ps4625/index.html"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/438590"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6332/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_specialist/"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/20870/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19398"
      },
      {
        "db": "BID",
        "id": "18701"
      },
      {
        "db": "PACKETSTORM",
        "id": "47889"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3290"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200606-562"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-19398"
      },
      {
        "db": "BID",
        "id": "18701"
      },
      {
        "db": "PACKETSTORM",
        "id": "47889"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3290"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200606-562"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-06-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-19398"
      },
      {
        "date": "2006-06-28T00:00:00",
        "db": "BID",
        "id": "18701"
      },
      {
        "date": "2006-06-29T18:48:34",
        "db": "PACKETSTORM",
        "id": "47889"
      },
      {
        "date": "2006-06-28T23:05:00",
        "db": "NVD",
        "id": "CVE-2006-3290"
      },
      {
        "date": "2006-06-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200606-562"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-19398"
      },
      {
        "date": "2007-06-04T19:50:00",
        "db": "BID",
        "id": "18701"
      },
      {
        "date": "2017-07-20T01:32:12.443000",
        "db": "NVD",
        "id": "CVE-2006-3290"
      },
      {
        "date": "2006-06-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200606-562"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200606-562"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Wireless control system  HTTP server Information disclosure vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200606-562"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200606-562"
      }
    ],
    "trust": 0.6
  }
}

GSD-2006-3290

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-3290

Aliases

CVE-2006-3290

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-3290",
    "description": "HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request.",
    "id": "GSD-2006-3290"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-3290"
      ],
      "details": "HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request.",
      "id": "GSD-2006-3290",
      "modified": "2023-12-13T01:19:57.389337Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-3290",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ADV-2006-2583",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/2583"
          },
          {
            "name": "20870",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20870"
          },
          {
            "name": "cisco-wcs-http-information-disclosure(27442)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27442"
          },
          {
            "name": "20060628 Multiple Vulnerabilities in Wireless Control System",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml"
          },
          {
            "name": "1016398",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016398"
          },
          {
            "name": "26879",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/26879"
          },
          {
            "name": "18701",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/18701"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:wireless_control_system:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.2\\(51\\)",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3290"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20060628 Multiple Vulnerabilities in Wireless Control System",
              "refsource": "CISCO",
              "tags": [
                "Patch"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml"
            },
            {
              "name": "18701",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/18701"
            },
            {
              "name": "1016398",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016398"
            },
            {
              "name": "20870",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20870"
            },
            {
              "name": "26879",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/26879"
            },
            {
              "name": "ADV-2006-2583",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/2583"
            },
            {
              "name": "cisco-wcs-http-information-disclosure(27442)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27442"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-20T01:32Z",
      "publishedDate": "2006-06-28T23:05Z"
    }
  }
}

FKIE_CVE-2006-3290

Vulnerability from fkie_nvd - Published: 2006-06-28 23:05 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/20870
cve@mitre.org	http://securitytracker.com/id?1016398
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml	Patch
cve@mitre.org	http://www.osvdb.org/26879
cve@mitre.org	http://www.securityfocus.com/bid/18701
cve@mitre.org	http://www.vupen.com/english/advisories/2006/2583
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/27442
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20870
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016398
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/26879
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/18701
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2583
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/27442

Impacted products

	Vendor	Product	Version
	cisco	wireless_control_system	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:wireless_control_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0A192A-AC2C-494D-9AFD-EB4C5DA536B4",
              "versionEndIncluding": "3.2\\(51\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request."
    },
    {
      "lang": "es",
      "value": "El servidor HTTP de Cisco Wireless Control System (WCS) para Linux y Windows en sus versiones anteriores a la v3.2(51) almacena informaci\u00f3n confidencial bajo el directorio raiz web con insuficiente control de acceso, lo que permite a atacantes remotos obtener nombres de usuario y rutas de directorios a trav\u00e9s de peticiones directas de URL."
    }
  ],
  "id": "CVE-2006-3290",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-06-28T23:05:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20870"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016398"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/26879"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/18701"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/2583"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27442"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20870"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/26879"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/18701"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/2583"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27442"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-3RJP-6929-2MRW

Vulnerability from github – Published: 2022-05-01 07:07 – Updated: 2022-05-01 07:07

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-3290"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-06-28T23:05:00Z",
    "severity": "MODERATE"
  },
  "details": "HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request.",
  "id": "GHSA-3rjp-6929-2mrw",
  "modified": "2022-05-01T07:07:36Z",
  "published": "2022-05-01T07:07:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3290"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27442"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20870"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016398"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/26879"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/18701"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/2583"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-3290 (GCVE-0-2006-3290)

VAR-200606-0250

GSD-2006-3290

FKIE_CVE-2006-3290

GHSA-3RJP-6929-2MRW

Tags

Sightings

Nomenclature