Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2006-1300 | First vendor Publication | 2006-07-11 |
Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft .NET framework 2.0 (ASP.NET) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to bypass access restrictions via unspecified "URL paths" that can access Application Folder objects "explicitly by name." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1300 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:419 | |||
Oval ID: | oval:org.mitre.oval:def:419 | ||
Title: | .NET 2.0 Application Folder Information Disclosure Vulnerability | ||
Description: | Microsoft .NET framework 2.0 (ASP.NET) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to bypass access restrictions via unspecified "URL paths" that can access Application Folder objects "explicitly by name." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1300 | Version: | 2 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft .NET Framework |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2009-03-15 | Name : Microsoft Security Bulletin MS06-033 File : nvt/remote-MS06-033.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
27153 | Microsoft .NET Framework Crafted Request Access Restriction Bypass .NET Framework contains a flaw that allows a remote attacker to access files outside of the web path. The issue is due to ASP.NET not properly sanitizing URLs, which may allow an attacker to gain unauthorized access to files. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft ASP.NET application folder info disclosure attempt RuleID : 16048 - Revision : 13 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-07-11 | Name : An attacker may bypass ASP.NET security to gain unauthorized access to object... File : smb_nt_ms06-033.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2022-10-11 01:01:37 |
|
2021-05-04 12:03:48 |
|
2021-04-22 01:04:21 |
|
2020-05-23 00:17:32 |
|
2018-10-13 00:22:33 |
|
2017-10-11 09:23:38 |
|
2017-07-20 09:23:26 |
|
2016-06-28 15:40:42 |
|
2016-04-26 14:25:00 |
|
2014-02-17 10:35:04 |
|
2014-01-19 21:23:11 |
|
2013-05-11 10:51:46 |
|