Vulnerability-Lookup

CVE-2006-6717 (GCVE-0-2006-6717)

Vulnerability from cvelistv5 – Published: 2006-12-23 11:00 – Updated: 2024-08-07 20:33

Summary

Severity

No CVSS data available.

CWE

Assigner

mitre

References

5 references

URL	Tags
http://www.securityfocus.com/archive/1/454630/100…	mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/23590	third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/21628	vdb-entryx_refsource_BID
http://secunia.com/advisories/23451	third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Date Public

2006-12-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:33:59.978Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20061216 Allied Telesis AT-9000/24 Ethernet switch management can be accessed from all VLANs.",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/454630/100/0/threaded"
          },
          {
            "name": "23590",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23590"
          },
          {
            "name": "21628",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/21628"
          },
          {
            "name": "23451",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23451"
          },
          {
            "name": "alliedtelesis-vlan-security-bypass(30924)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30924"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-12-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20061216 Allied Telesis AT-9000/24 Ethernet switch management can be accessed from all VLANs.",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/454630/100/0/threaded"
        },
        {
          "name": "23590",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23590"
        },
        {
          "name": "21628",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/21628"
        },
        {
          "name": "23451",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23451"
        },
        {
          "name": "alliedtelesis-vlan-security-bypass(30924)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30924"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-6717",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20061216 Allied Telesis AT-9000/24 Ethernet switch management can be accessed from all VLANs.",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/454630/100/0/threaded"
            },
            {
              "name": "23590",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23590"
            },
            {
              "name": "21628",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/21628"
            },
            {
              "name": "23451",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23451"
            },
            {
              "name": "alliedtelesis-vlan-security-bypass(30924)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30924"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-6717",
    "datePublished": "2006-12-23T11:00:00.000Z",
    "dateReserved": "2006-12-22T00:00:00.000Z",
    "dateUpdated": "2024-08-07T20:33:59.978Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2006-6717",
      "date": "2026-06-03",
      "epss": "0.00911",
      "percentile": "0.76224"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:alliedtelesyn:at-9000_24_ethernetswitch:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6E90523-DF9C-465E-83ED-BA963449DA29\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations.\"}, {\"lang\": \"es\", \"value\": \"EL switch Allied Telesis AT-9000/24 Ethernet acepta paquetes de gesti\\u00f3n de VLANs arbitrarias, al contrario que en la documentaci\\u00f3n, lo cual permite a un atacante remoto realizar ataques contra el switch desde localizaciones inesperadas.\"}]",
      "id": "CVE-2006-6717",
      "lastModified": "2024-11-21T00:23:28.783",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": true, \"userInteractionRequired\": false}]}",
      "published": "2006-12-23T11:28:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/23451\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/23590\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/454630/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/21628\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/30924\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/23451\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/23590\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/454630/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/21628\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/30924\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-6717\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-12-23T11:28:00.000\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations.\"},{\"lang\":\"es\",\"value\":\"EL switch Allied Telesis AT-9000/24 Ethernet acepta paquetes de gesti\u00f3n de VLANs arbitrarias, al contrario que en la documentaci\u00f3n, lo cual permite a un atacante remoto realizar ataques contra el switch desde localizaciones inesperadas.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:alliedtelesyn:at-9000_24_ethernetswitch:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6E90523-DF9C-465E-83ED-BA963449DA29\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/23451\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/23590\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/454630/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/21628\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/30924\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/23451\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/23590\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/454630/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/21628\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/30924\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2006-6717

Vulnerability from fkie_nvd - Published: 2006-12-23 11:28 - Updated: 2026-04-23 00:35

Severity

Summary

References

	URL	Tags
	cve@mitre.org	http://secunia.com/advisories/23451
	cve@mitre.org	http://secunia.com/advisories/23590
	cve@mitre.org	http://www.securityfocus.com/archive/1/454630/100/0/threaded
	cve@mitre.org	http://www.securityfocus.com/bid/21628
	cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/30924
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23451
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23590
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/454630/100/0/threaded
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/21628
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/30924

Impacted products

	Vendor	Product	Version
	alliedtelesyn	at-9000_24_ethernetswitch	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:alliedtelesyn:at-9000_24_ethernetswitch:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6E90523-DF9C-465E-83ED-BA963449DA29",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations."
    },
    {
      "lang": "es",
      "value": "EL switch Allied Telesis AT-9000/24 Ethernet acepta paquetes de gesti\u00f3n de VLANs arbitrarias, al contrario que en la documentaci\u00f3n, lo cual permite a un atacante remoto realizar ataques contra el switch desde localizaciones inesperadas."
    }
  ],
  "id": "CVE-2006-6717",
  "lastModified": "2026-04-23T00:35:47.467",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-12-23T11:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/23451"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/23590"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/454630/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/21628"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30924"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/23451"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/23590"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/454630/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/21628"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30924"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-QC6H-XXP7-XRR2

Vulnerability from github – Published: 2022-05-01 07:40 – Updated: 2022-05-01 07:40

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-6717"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-12-23T11:28:00Z",
    "severity": "HIGH"
  },
  "details": "The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations.",
  "id": "GHSA-qc6h-xxp7-xrr2",
  "modified": "2022-05-01T07:40:43Z",
  "published": "2022-05-01T07:40:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-6717"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30924"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/23451"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/23590"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/454630/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/21628"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2006-6717

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-6717

Aliases

CVE-2006-6717

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-6717",
    "description": "The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations.",
    "id": "GSD-2006-6717"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-6717"
      ],
      "details": "The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations.",
      "id": "GSD-2006-6717",
      "modified": "2023-12-13T01:19:54.601438Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-6717",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20061216 Allied Telesis AT-9000/24 Ethernet switch management can be accessed from all VLANs.",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/454630/100/0/threaded"
          },
          {
            "name": "23590",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/23590"
          },
          {
            "name": "21628",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/21628"
          },
          {
            "name": "23451",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/23451"
          },
          {
            "name": "alliedtelesis-vlan-security-bypass(30924)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30924"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:alliedtelesyn:at-9000_24_ethernetswitch:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-6717"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "21628",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/21628"
            },
            {
              "name": "23451",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/23451"
            },
            {
              "name": "23590",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/23590"
            },
            {
              "name": "alliedtelesis-vlan-security-bypass(30924)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30924"
            },
            {
              "name": "20061216 Allied Telesis AT-9000/24 Ethernet switch management can be accessed from all VLANs.",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/454630/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-17T21:49Z",
      "publishedDate": "2006-12-23T11:28Z"
    }
  }
}

VAR-200612-0415

Vulnerability from variot - Updated: 2023-12-18 12:23

The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations. Allied Telesis AT-9000/24 switches are prone to an unauthorized-management-VLAN-access vulnerability. Exploiting this issue allows attackers with access to any port on affected switches to access the management VLAN. This may aid them in further attacks. Allied Telesis AT-9000/24 is a 24-port Gigabit switch made by Allied Telesis in the United States. Allied Telesis AT-9000/24 has loopholes in the managed access control, and attackers may gain unauthorized access to the device. Under normal circumstances, the remote management (SNMP, TELNET, HTTP) of the switch should only be performed through the management VLAN. The only management VLAN option for the AT-9000/24 is Default VLAN. However, if the switch is configured to contain multiple VLANs instead of just the Default VLAN, it can be managed from all of these VLANs.

Secunia is proud to announce the availability of the Secunia Software Inspector.

The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor.

Try it out online: http://secunia.com/software_inspector/

TITLE: Simple Web Content Management System "id" SQL Injection

SECUNIA ADVISORY ID: SA23590

VERIFY ADVISORY: http://secunia.com/advisories/23590/

CRITICAL: Moderately critical

IMPACT: Manipulation of data, Exposure of system information, Exposure of sensitive information

WHERE:

From remote

SOFTWARE: Simple Web Content Management System http://secunia.com/product/13142/

DESCRIPTION: DarkFig has discovered a vulnerability in Simple Web Content Management System, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "id" parameter in page.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Successful exploitation allows retrieval of arbitrary files from the database server.

SOLUTION: Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY: DarkFig

ORIGINAL ADVISORY: http://acid-root.new.fr/poc/18070102.txt

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200612-0415",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "at-9000 24 ethernetswitch",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "alliedtelesyn",
        "version": "*"
      },
      {
        "model": "at-9000 24 ethernetswitch",
        "scope": null,
        "trust": 0.8,
        "vendor": "allied telesis",
        "version": null
      },
      {
        "model": "at-9000 24 ethernetswitch",
        "scope": null,
        "trust": 0.6,
        "vendor": "alliedtelesyn",
        "version": null
      },
      {
        "model": "at-9000/24",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "allied telesis",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "21628"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001793"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6717"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-502"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:alliedtelesyn:at-9000_24_ethernetswitch:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-6717"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Pasi Sj\u0026ouml;holm ptsjohol@cc.jyu.fi",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-502"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-6717",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": true,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2006-6717",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-22825",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2006-6717",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200612-502",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-22825",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-22825"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001793"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6717"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-502"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations. Allied Telesis AT-9000/24 switches are prone to an unauthorized-management-VLAN-access vulnerability. \nExploiting this issue allows attackers with access to any port on affected switches to access the management VLAN. This may aid them in further attacks. Allied Telesis AT-9000/24 \u200b\u200bis a 24-port Gigabit switch made by Allied Telesis in the United States. Allied Telesis AT-9000/24 \u200b\u200bhas loopholes in the managed access control, and attackers may gain unauthorized access to the device. Under normal circumstances, the remote management (SNMP, TELNET, HTTP) of the switch should only be performed through the management VLAN. The only management VLAN option for the AT-9000/24 \u200b\u200bis Default VLAN. However, if the switch is configured to contain multiple VLANs instead of just the Default VLAN, it can be managed from all of these VLANs. \n\n----------------------------------------------------------------------\n\nSecunia is proud to announce the availability of the Secunia Software\nInspector. \n\nThe Secunia Software Inspector is a free service that detects insecure\nversions of software that you may have installed in your system. When\ninsecure versions are detected, the Secunia Software Inspector also\nprovides thorough guidelines for updating the software to the latest\nsecure version from the vendor. \n\nTry it out online:\nhttp://secunia.com/software_inspector/\n\n----------------------------------------------------------------------\n\nTITLE:\nSimple Web Content Management System \"id\" SQL Injection\n\nSECUNIA ADVISORY ID:\nSA23590\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/23590/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nManipulation of data, Exposure of system information, Exposure of\nsensitive information\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nSimple Web Content Management System\nhttp://secunia.com/product/13142/\n\nDESCRIPTION:\nDarkFig has discovered a vulnerability in Simple Web Content\nManagement System, which can be exploited by malicious people to\nconduct SQL injection attacks. \n\nInput passed to the \"id\" parameter in page.php is not properly\nsanitised before being used in SQL queries. This can be exploited to\nmanipulate SQL queries by injecting arbitrary SQL code. \n\nSuccessful exploitation allows retrieval of arbitrary files from the\ndatabase server. \n\nSOLUTION:\nEdit the source code to ensure that input is properly sanitised. \n\nPROVIDED AND/OR DISCOVERED BY:\nDarkFig\n\nORIGINAL ADVISORY:\nhttp://acid-root.new.fr/poc/18070102.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-6717"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001793"
      },
      {
        "db": "BID",
        "id": "21628"
      },
      {
        "db": "VULHUB",
        "id": "VHN-22825"
      },
      {
        "db": "PACKETSTORM",
        "id": "53423"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2006-6717",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "21628",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "23590",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "23451",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001793",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-502",
        "trust": 0.7
      },
      {
        "db": "BUGTRAQ",
        "id": "20061216 ALLIED TELESIS AT-9000/24 ETHERNET SWITCH MANAGEMENT CAN BE ACCESSED FROM ALL VLANS.",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "30924",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-22825",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "53423",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-22825"
      },
      {
        "db": "BID",
        "id": "21628"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001793"
      },
      {
        "db": "PACKETSTORM",
        "id": "53423"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6717"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-502"
      }
    ]
  },
  "id": "VAR-200612-0415",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-22825"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:23:41.247000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.alliedtelesis.com/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001793"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-6717"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/21628"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/23451"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/23590"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/454630/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30924"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6717"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6717"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/30924"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/454630/100/0/threaded"
      },
      {
        "trust": 0.3,
        "url": "http://www.alliedtelesyn.com/products/details.aspx?604"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/454630"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/software_inspector/"
      },
      {
        "trust": 0.1,
        "url": "http://acid-root.new.fr/poc/18070102.txt"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/23590/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/13142/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-22825"
      },
      {
        "db": "BID",
        "id": "21628"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001793"
      },
      {
        "db": "PACKETSTORM",
        "id": "53423"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6717"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-502"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-22825"
      },
      {
        "db": "BID",
        "id": "21628"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001793"
      },
      {
        "db": "PACKETSTORM",
        "id": "53423"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-6717"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-502"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-12-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-22825"
      },
      {
        "date": "2006-12-16T00:00:00",
        "db": "BID",
        "id": "21628"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-001793"
      },
      {
        "date": "2007-01-04T17:16:54",
        "db": "PACKETSTORM",
        "id": "53423"
      },
      {
        "date": "2006-12-23T11:28:00",
        "db": "NVD",
        "id": "CVE-2006-6717"
      },
      {
        "date": "2006-12-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200612-502"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-22825"
      },
      {
        "date": "2006-12-18T17:33:00",
        "db": "BID",
        "id": "21628"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-001793"
      },
      {
        "date": "2018-10-17T21:49:28.943000",
        "db": "NVD",
        "id": "CVE-2006-6717"
      },
      {
        "date": "2007-01-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200612-502"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-502"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Allied Telesis AT-9000/24 Ethernet Vulnerability in an attack from an unexpected location on the switch",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-001793"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "access verification error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200612-502"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-6717 (GCVE-0-2006-6717)

FKIE_CVE-2006-6717

GHSA-QC6H-XXP7-XRR2

GSD-2006-6717

VAR-200612-0415

Tags

Sightings

Nomenclature