Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2006-5750 | First vendor Publication | 2006-11-27 |
Vendor | Cve | Last vendor Modification | 2018-10-17 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server (jbossas) 3.2.4 through 4.0.5 allows remote authenticated users to read or modify arbitrary files, and possibly execute arbitrary code, via unspecified vectors related to the console manager. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5750 |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
30767 | JBoss Application Server (jbossas) JMX Console DeploymentFileRepository Trave... Jboss contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the JMX console not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the DeploymentFileRepository class. This directory traversal attack would allow the attacker to read or modify arbitrary files. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_jboss-2309.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_jboss4-2304.nasl - Type : ACT_GATHER_INFO |
2006-12-14 | Name : The remote web server contains a Java service that is affected by a directory... File : jboss_deploymentfilerepository_dir_traversal.nasl - Type : ACT_DESTRUCTIVE_ATTACK |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:04:49 |
|
2021-04-22 01:05:25 |
|
2020-05-23 00:18:39 |
|
2019-03-18 12:01:29 |
|
2018-10-18 00:19:46 |
|
2016-06-28 15:59:55 |
|
2016-04-26 15:16:09 |
|
2014-02-17 10:37:47 |
|
2013-05-11 11:13:28 |
|