Vulnerability Description
The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 3Com | Tippingpoint Sms Server | <= 2.2.1.4477 |
References
- http://secunia.com/advisories/20058
- http://securityreason.com/securityalert/870
- http://securitytracker.com/id?1016051
- http://www.3com.com/securityalert/alerts/3COM-06-002.html
- http://www.osvdb.org/25360
- http://www.securityfocus.com/archive/1/433432/100/0/threaded
- http://www.securityfocus.com/bid/17935
- http://www.vupen.com/english/advisories/2006/1752
- http://www.zerodayinitiative.com/advisories/ZDI-06-013.htmlVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26338
- http://secunia.com/advisories/20058
- http://securityreason.com/securityalert/870
- http://securitytracker.com/id?1016051
- http://www.3com.com/securityalert/alerts/3COM-06-002.html
- http://www.osvdb.org/25360
FAQ
What is CVE-2006-0993?
CVE-2006-0993 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive infor...
How severe is CVE-2006-0993?
CVE-2006-0993 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0993?
Check the references section above for vendor advisories and patch information. Affected products include: 3Com Tippingpoint Sms Server.