Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2006-4493 | First vendor Publication | 2006-08-31 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 2.1 | Attack Range | Local |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| xbiff2 1.9 creates $HOME/.xbiff2rc in a user's home directory with insecure file permissions, which allows local users to obtain sensitive information such as login credentials. NOTE: the provenance of this information is unknown; the details are obtained from third party information. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4493 |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 28278 | xbiff2 .xbiff2rc File Permission Weakness Information Disclosure Xbiff 2 contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to an error in the configuration routine which creates .xbiff2rc with file permissions set to 755, which will disclose user's POP or IMAP credentials resulting in a loss of confidentiality. |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:19:39 |
|
| 2024-11-28 12:09:53 |
|
| 2021-05-04 12:04:30 |
|
| 2021-04-22 01:05:10 |
|
| 2020-05-23 00:18:19 |
|
| 2017-07-20 09:23:51 |
|
| 2016-06-28 15:56:32 |
|
| 2016-04-26 15:01:36 |
|
| 2013-05-11 11:08:08 |
|
