CVE-2006-6598

Published Dec 15, 2006

Last updated 7 years ago

CVSS info 6.5

Overview

Description: Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the path parameter, a different vector than CVE-2006-6328.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.5
Impact score: 6.4
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC738E38-4158-4E63-929D-6CC971FAD24A",
            "versionEndIncluding": "2.2"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2526D31B-D081-4C35-9D98-26DD3DCBBB5D",
            "versionEndIncluding": "2.1_b4rt971"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "430F26F5-9C15-45A6-8FE2-3DE2D5676F3F"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40FE6027-3BBB-417A-BB59-8F344C79F35D"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "113272FC-6E2C-4C65-BF14-3A9478B8EE5C"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCC7B523-93AF-44A3-A6DB-6044049E221C"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84FD3104-2104-48AF-A246-E576CB691C4E"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7ECD29D9-93E0-479A-B755-B9D3EF203885"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E32CFEA-5023-46BB-B64B-3C3BB43BA232"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt61:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F44E2F6-1839-4AA2-9927-A8D27B08DB81"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt81:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61B4C1FB-BBD4-4C52-8FE2-8F4AE31DC749"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt82:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4542049A-1D9D-4FBC-8B2B-541FDAB057F8"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt83:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17E18EF1-A50A-4788-91CE-1F788CB5BA77"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt84:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48C05143-0B64-4221-B118-A76DC859BD12"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt85:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "402B5C5A-FC57-4EE0-872D-4F4A12A283E1"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt91:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D59C1106-AA83-45AE-B9DD-5A50647562DC"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt92:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47AC093F-EF43-4CC9-A6F0-F127E58CAA8F"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt93:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "976E5481-8D4E-4DC4-AC04-CB71F2729C49"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt94:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92DB5D17-30FD-44FD-9BF6-ADEB77665537"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt95:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A212E631-FAE5-4FC4-9396-EDA4F63A129A"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt96:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1359647-6E65-4EC4-9754-35CAC1700C68"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt97:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7E42B11-55B0-4302-95D7-54D9E17936BF"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt801:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3272FCC8-CCDC-4864-851D-78B776B8C66A"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt802:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0A5E5F0-1C8D-4CBE-AF51-E9784CE9AF05"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt951:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF63B674-0D31-4003-B79B-87F2B891B6C1"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt952:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADC9FAD6-BF60-4DE1-A045-86D8689EE281"
          },
          {
            "criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt953:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D4A2D82-46E9-4884-BD81-AF33702EEF7A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References