CVE-2006-2692

Multiple unspecified vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to read arbitrary image, HTML, or PHP files via unknown vectors, probably related to directory traversal.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/20351	Vendor Advisory
http://securitytracker.com/id?1016188
http://www.amule.org/wiki/index.php/Changelog_2.1.2	Patch
http://www.securityfocus.com/bid/18145	Patch
http://secunia.com/advisories/20351	Vendor Advisory
http://securitytracker.com/id?1016188
http://www.amule.org/wiki/index.php/Changelog_2.1.2	Patch
http://www.securityfocus.com/bid/18145	Patch

Configurations

Configuration 1 (hide)

cpe:2.3:a:amule:amule:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-05-31 10:06

Updated : 2025-04-03 01:03

NVD link : CVE-2006-2692

Mitre link : CVE-2006-2692

CVE.ORG link : CVE-2006-2692

JSON object : View

Products Affected

amule

amule

CWE

NVD-CWE-Other

{"id": "CVE-2006-2692", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-05-31T10:06:00.000", "references": [{"url": "http://secunia.com/advisories/20351", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1016188", "source": "cve@mitre.org"}, {"url": "http://www.amule.org/wiki/index.php/Changelog_2.1.2", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/18145", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/20351", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1016188", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.amule.org/wiki/index.php/Changelog_2.1.2", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/18145", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to read arbitrary image, HTML, or PHP files via unknown vectors, probably related to directory traversal."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:amule:amule:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94D55923-5811-4DE2-BC6D-27E68CEB1034"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org", "evaluatorSolution": "Successful exploitation requires that the full pathname of the file is known.\r\nThis vulnerability is addressed in the following product release:\r\naMule, aMule, 2.1.2"}