CVE-2006-6175 - OpenCVE

Directory traversal vulnerability in lib/FBView.php in Horde Kronolith H3 before 2.0.7 and 2.1.x before 2.1.4 allows remote attackers to include arbitrary files and execute PHP code via a .. (dot dot) sequence in the view parameter.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Horde	Kronolith

Configuration 1 [-]

OR	cpe:2.3:a:horde:kronolith:2.0.1:::::::*
	cpe:2.3:a:horde:kronolith:2.0.2:::::::*
	cpe:2.3:a:horde:kronolith:2.0.3:::::::*
	cpe:2.3:a:horde:kronolith:2.0.4:::::::*
	cpe:2.3:a:horde:kronolith:2.0.5:::::::*
	cpe:2.3:a:horde:kronolith:2.0.6:::::::*
	cpe:2.3:a:horde:kronolith:2.1:::::::*
	cpe:2.3:a:horde:kronolith:2.1.1:::::::*
	cpe:2.3:a:horde:kronolith:2.1.2:::::::*
	cpe:2.3:a:horde:kronolith:2.1.3:::::::*

No data.

References

Link	Providers
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=445
http://marc.info/?l=horde-announce&m=116483107007152&w=2
http://marc.info/?l=horde-announce&m=116483121211579&w=2
http://secunia.com/advisories/23145
http://secunia.com/advisories/23780
http://security.gentoo.org/glsa/glsa-200701-11.xml
http://securitytracker.com/id?1017316
http://www.securityfocus.com/bid/21341
http://www.vupen.com/english/advisories/2006/4775

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-11-30T16:00:00

Updated: 2024-08-07T20:19:34.647Z

Reserved: 2006-11-30T00:00:00

Link: CVE-2006-6175

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-11-30T16:28:00.000

Modified: 2016-10-18T03:42:11.623

Link: CVE-2006-6175

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-11-29T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in lib/FBView.php in Horde Kronolith H3 before 2.0.7 and 2.1.x before 2.1.4 allows remote attackers to include arbitrary files and execute PHP code via a .. (dot dot) sequence in the view parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "21341", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21341"}, {"name": "1017316", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017316"}, {"name": "ADV-2006-4775", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4775"}, {"name": "[horde-announce] 20061129 [SECURITY] Kronolith H3 (2.0.7) (final)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=horde-announce&m=116483107007152&w=2"}, {"name": "23145", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23145"}, {"name": "20061129 Horde Kronolith Arbitrary Local File Inclusion Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=445"}, {"name": "[horde-announce] 20061129 [SECURITY] Kronolith H3 (2.1.4) (final)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=horde-announce&m=116483121211579&w=2"}, {"name": "GLSA-200701-11", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200701-11.xml"}, {"name": "23780", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23780"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-6175", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in lib/FBView.php in Horde Kronolith H3 before 2.0.7 and 2.1.x before 2.1.4 allows remote attackers to include arbitrary files and execute PHP code via a .. (dot dot) sequence in the view parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "21341", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21341"}, {"name": "1017316", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017316"}, {"name": "ADV-2006-4775", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4775"}, {"name": "[horde-announce] 20061129 [SECURITY] Kronolith H3 (2.0.7) (final)", "refsource": "MLIST", "url": "http://marc.info/?l=horde-announce&m=116483107007152&w=2"}, {"name": "23145", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23145"}, {"name": "20061129 Horde Kronolith Arbitrary Local File Inclusion Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=445"}, {"name": "[horde-announce] 20061129 [SECURITY] Kronolith H3 (2.1.4) (final)", "refsource": "MLIST", "url": "http://marc.info/?l=horde-announce&m=116483121211579&w=2"}, {"name": "GLSA-200701-11", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200701-11.xml"}, {"name": "23780", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23780"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:19:34.647Z"}, "title": "CVE Program Container", "references": [{"name": "21341", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/21341"}, {"name": "1017316", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017316"}, {"name": "ADV-2006-4775", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4775"}, {"name": "[horde-announce] 20061129 [SECURITY] Kronolith H3 (2.0.7) (final)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=horde-announce&m=116483107007152&w=2"}, {"name": "23145", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23145"}, {"name": "20061129 Horde Kronolith Arbitrary Local File Inclusion Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=445"}, {"name": "[horde-announce] 20061129 [SECURITY] Kronolith H3 (2.1.4) (final)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=horde-announce&m=116483121211579&w=2"}, {"name": "GLSA-200701-11", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200701-11.xml"}, {"name": "23780", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23780"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6175", "datePublished": "2006-11-30T16:00:00", "dateReserved": "2006-11-30T00:00:00", "dateUpdated": "2024-08-07T20:19:34.647Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:horde:kronolith:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "436D05EC-DAC5-458D-9B38-14F213CE727D", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:kronolith:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "41EA6145-A394-4AC9-A94A-3F28533704F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:kronolith:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "302DB7DF-33F2-4C66-8792-8DFC25BBF5BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:kronolith:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "C7A43538-F4FA-4AE3-9C8A-E949494695E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:kronolith:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "3D2CA0AD-7DF6-43CA-B663-A7F79C456F1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:kronolith:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "961A4D0A-3BC7-4ADB-8459-3F724E49BDA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:kronolith:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "5CB15A30-FC06-4A29-AD40-8EAEE0C91C8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:kronolith:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3488A4C1-5957-4592-A250-7EBD3121EECF", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:kronolith:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "A6A39065-CAC3-4FE9-99DB-D25735D16730", "vulnerable": true}, {"criteria": "cpe:2.3:a:horde:kronolith:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "0C682749-BC44-43DE-B85A-43EC9C3F58A7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in lib/FBView.php in Horde Kronolith H3 before 2.0.7 and 2.1.x before 2.1.4 allows remote attackers to include arbitrary files and execute PHP code via a .. (dot dot) sequence in the view parameter."}, {"lang": "es", "value": "Vulnerabilidad de escalado de directorio en lib/FBView.php del Horde Kronolith H3 en versiones anteriores a la 2.0.7 y en la 2.1.x anterior a la 2.1.4, permite a atacantes remotos ejecutar c\u00f3digo y ficheros PHP de su elecci\u00f3n mediante la secuencia .. (punto punto) en el par\u00e1metro view."}], "id": "CVE-2006-6175", "lastModified": "2016-10-18T03:42:11.623", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-11-30T16:28:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=445"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=horde-announce&m=116483107007152&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=horde-announce&m=116483121211579&w=2"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23145"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23780"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200701-11.xml"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017316"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/21341"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/4775"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}