Lucene search

MitreCVE-2006-3885

HistoryJul 27, 2006 - 1:04 a.m.

CVE-2006-3885

2006-07-2701:04:00

mitre

web.nvd.nist.gov

cve

2006

3885

directory traversal

vulnerability

check point

firewall-1

nvd

hfa03

tcp port 18264

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.1

Confidence

Low

EPSS

0.004

Percentile

74.2%

JSON

Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded … (dot dot) in the URL on TCP port 18264.

Affected configurations

Nvd

Node

checkpointfirewall-1Matchr55w

checkpointfirewall-1Matchr55whfa1

checkpointfirewall-1Matchr55whfa2

VendorProductVersionCPE
checkpointfirewall-1r55wcpe:2.3:a:checkpoint:firewall-1:r55w:*:*:*:*:*:*:*
checkpointfirewall-1r55wcpe:2.3:a:checkpoint:firewall-1:r55w:hfa1:*:*:*:*:*:*
checkpointfirewall-1r55wcpe:2.3:a:checkpoint:firewall-1:r55w:hfa2:*:*:*:*:*:*

Vendor	Product	Version	CPE
checkpoint	firewall-1	r55w	cpe:2.3:a:checkpoint:firewall-1:r55w:::::::*
checkpoint	firewall-1	r55w	cpe:2.3:a:checkpoint:firewall-1:r55w:hfa1::::::
checkpoint	firewall-1	r55w	cpe:2.3:a:checkpoint:firewall-1:r55w:hfa2::::::

References

secunia.com/advisories/21200

securityreason.com/securityalert/1290

securitytracker.com/id?1016563

www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html

www.securityfocus.com/archive/1/440990/100/0/threaded

www.securityfocus.com/archive/1/441495/100/0/threaded

www.securityfocus.com/bid/19136

www.vupen.com/english/advisories/2006/2965

exchange.xforce.ibmcloud.com/vulnerabilities/27937

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.1

Confidence

Low

EPSS

0.004

Percentile

74.2%

JSON

Related for CVE-2006-3885