Lucene search

[email protected]NVD:CVE-2006-3831

HistoryJul 25, 2006 - 1:22 p.m.

CVE-2006-3831

2006-07-2513:22:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.01

Percentile

84.0%

JSON

The Backup selection in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier uses predicable filenames for database backups and stores the files under the web root with insufficient access control, which allows remote attackers to obtain sensitive information by downloading a backup file.

Affected configurations

Nvd

Node

kailash_nadhboastmachineRange≤3.1

VendorProductVersionCPE
kailash_nadhboastmachine*cpe:2.3:a:kailash_nadh:boastmachine:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kailash_nadh	boastmachine	*	cpe:2.3:a:kailash_nadh:boastmachine::::::::

References

secunia.com/advisories/21066

securityreason.com/securityalert/1271

securitytracker.com/id?1016515

www.acid-root.new.fr/advisories/boastmachine.txt

www.securityfocus.com/archive/1/440306/100/0/threaded

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.01

Percentile

84.0%

JSON

Related for NVD:CVE-2006-3831

cve1 cvelist1