CVE-2006-3695 - Vulnerability Details - OpenCVE

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting (XSS) attacks, or cause a denial of service via unspecified vectors. NOTE: this might be related to CVE-2006-3458.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Edgewall Software	Trac

Configuration 1 [-]

cpe:2.3:a:edgewall_software:trac:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://secunia.com/advisories/20958
http://secunia.com/advisories/21534
http://securitytracker.com/id?1016457
http://trac.edgewall.org/wiki/ChangeLog
http://www.debian.org/security/2006/dsa-1152
http://www.securityfocus.com/bid/18323
http://www.vupen.com/english/advisories/2006/2729
https://exchange.xforce.ibmcloud.com/vulnerabilities/27706
https://exchange.xforce.ibmcloud.com/vulnerabilities/27708

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-07-19T01:00:00

Updated: 2024-08-07T18:39:53.571Z

Reserved: 2006-07-18T00:00:00

Link: CVE-2006-3695

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-07-21T14:03:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2006-3695

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-07-10T00:00:00", "descriptions": [{"lang": "en", "value": "Trac before 0.9.6 does not disable the \"raw\" or \"include\" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting (XSS) attacks, or cause a denial of service via unspecified vectors. NOTE: this might be related to CVE-2006-3458."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "trac-restructuredtext-obtain-information(27706)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27706"}, {"name": "ADV-2006-2729", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/2729"}, {"name": "20958", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20958"}, {"name": "1016457", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016457"}, {"name": "18323", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/18323"}, {"name": "trac-restructuredtext-dos(27708)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27708"}, {"name": "DSA-1152", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2006/dsa-1152"}, {"name": "21534", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21534"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://trac.edgewall.org/wiki/ChangeLog"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-3695", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Trac before 0.9.6 does not disable the \"raw\" or \"include\" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting (XSS) attacks, or cause a denial of service via unspecified vectors. NOTE: this might be related to CVE-2006-3458."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "trac-restructuredtext-obtain-information(27706)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27706"}, {"name": "ADV-2006-2729", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2729"}, {"name": "20958", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20958"}, {"name": "1016457", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016457"}, {"name": "18323", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18323"}, {"name": "trac-restructuredtext-dos(27708)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27708"}, {"name": "DSA-1152", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1152"}, {"name": "21534", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21534"}, {"name": "http://trac.edgewall.org/wiki/ChangeLog", "refsource": "CONFIRM", "url": "http://trac.edgewall.org/wiki/ChangeLog"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T18:39:53.571Z"}, "title": "CVE Program Container", "references": [{"name": "trac-restructuredtext-obtain-information(27706)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27706"}, {"name": "ADV-2006-2729", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/2729"}, {"name": "20958", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20958"}, {"name": "1016457", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1016457"}, {"name": "18323", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/18323"}, {"name": "trac-restructuredtext-dos(27708)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27708"}, {"name": "DSA-1152", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2006/dsa-1152"}, {"name": "21534", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21534"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://trac.edgewall.org/wiki/ChangeLog"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-3695", "datePublished": "2006-07-19T01:00:00", "dateReserved": "2006-07-18T00:00:00", "dateUpdated": "2024-08-07T18:39:53.571Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:edgewall_software:trac:*:*:*:*:*:*:*:*", "matchCriteriaId": "9FC0F377-A06F-42B8-ACDF-EB59F0C912F7", "versionEndIncluding": "0.9.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Trac before 0.9.6 does not disable the \"raw\" or \"include\" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting (XSS) attacks, or cause a denial of service via unspecified vectors. NOTE: this might be related to CVE-2006-3458."}, {"lang": "es", "value": "Trac anterior a 0.9.6 no deshabilita los comandos \"raw\" o \"nclude\" cuando se mantiene a usuarios no v\u00e1lidos con la funcionalidad de texto reestructurado (reStructuredText) desde docutils, lo cual permite a atacantes remotos leer archivos de su elecci\u00f3n, realizando ataques de secuencias de comandos en sitios cruzados (XSS), o provocar denegaci\u00f3n de servicio a trav\u00e9s de vectores no especificados. NOTA: esto podr\u00eda estar relacionado con CVE-2006-3458."}], "evaluatorSolution": "Upgrade to 0.9.6", "id": "CVE-2006-3695", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-07-21T14:03:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20958"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21534"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1016457"}, {"source": "cve@mitre.org", "url": "http://trac.edgewall.org/wiki/ChangeLog"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1152"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/18323"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/2729"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27706"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27708"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20958"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21534"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1016457"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://trac.edgewall.org/wiki/ChangeLog"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1152"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/18323"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/2729"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27706"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27708"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}