Vulnerability Description
The config method in Henrik Storner Hobbit monitor before 4.1.2p2 permits access to files outside of the intended configuration directory, which allows remote attackers to obtain sensitive information via requests to the hobbitd daemon on port 1984/tcp.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hobbit Monitor | Hobbit Monitor | <= 4.1.2_p1 |
References
- http://secunia.com/advisories/21317PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=436594&group_id=128058Patch
- http://www.securityfocus.com/archive/1/442036/100/0/threaded
- http://www.securityfocus.com/bid/19317Patch
- http://www.vupen.com/english/advisories/2006/3139
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28204
- http://secunia.com/advisories/21317PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=436594&group_id=128058Patch
- http://www.securityfocus.com/archive/1/442036/100/0/threaded
- http://www.securityfocus.com/bid/19317Patch
- http://www.vupen.com/english/advisories/2006/3139
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28204
FAQ
What is CVE-2006-4003?
CVE-2006-4003 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The config method in Henrik Storner Hobbit monitor before 4.1.2p2 permits access to files outside of the intended configuration directory, which allows remote attackers to obtain sensitive information...
How severe is CVE-2006-4003?
CVE-2006-4003 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4003?
Check the references section above for vendor advisories and patch information. Affected products include: Hobbit Monitor Hobbit Monitor.