CVE-2006-0866 : PunBB 1.2.10 and earlier allows remote attackers to conduct brute force guessing

PunBB 1.2.10 and earlier allows remote attackers to conduct brute force guessing attacks for an account's password, which may be as short as 4 characters.

Published 2006-02-23 23:02:00

Updated 2018-10-18 16:29:28

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2006-0866

Punbb » Punbb » Version: 1.2.1
cpe:2.3:a:punbb:punbb:1.2.1:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.2.3
cpe:2.3:a:punbb:punbb:1.2.3:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.0 Alpha
cpe:2.3:a:punbb:punbb:1.0_alpha:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.0 Beta1
cpe:2.3:a:punbb:punbb:1.0_beta1:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.1.2
cpe:2.3:a:punbb:punbb:1.1.2:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.1.3
cpe:2.3:a:punbb:punbb:1.1.3:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.1.4
cpe:2.3:a:punbb:punbb:1.1.4:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.0 Rc1
cpe:2.3:a:punbb:punbb:1.0_rc1:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.0 Rc2
cpe:2.3:a:punbb:punbb:1.0_rc2:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.2.2
cpe:2.3:a:punbb:punbb:1.2.2:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.0
cpe:2.3:a:punbb:punbb:1.0:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.0.1
cpe:2.3:a:punbb:punbb:1.0.1:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.1
cpe:2.3:a:punbb:punbb:1.1:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.1.1
cpe:2.3:a:punbb:punbb:1.1.1:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.2.4
cpe:2.3:a:punbb:punbb:1.2.4:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.0 Beta2
cpe:2.3:a:punbb:punbb:1.0_beta2:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.0 Beta3
cpe:2.3:a:punbb:punbb:1.0_beta3:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.1.5
cpe:2.3:a:punbb:punbb:1.1.5:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.2
cpe:2.3:a:punbb:punbb:1.2:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.0 Beta1a
cpe:2.3:a:punbb:punbb:1.0_beta1a:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.2.5
cpe:2.3:a:punbb:punbb:1.2.5:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.2.6
cpe:2.3:a:punbb:punbb:1.2.6:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.2.7
cpe:2.3:a:punbb:punbb:1.2.7:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.2.8
cpe:2.3:a:punbb:punbb:1.2.8:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.2.9
cpe:2.3:a:punbb:punbb:1.2.9:*:*:*:*:*:*:*
Matching versions
Punbb » Punbb » Version: 1.2.10
cpe:2.3:a:punbb:punbb:1.2.10:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2006-0866

EPSS FAQ

0.38%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 57 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-0866

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2006-0866

Jump to

Vulnerability Details : CVE-2006-0866

Products affected by CVE-2006-0866

Exploit prediction scoring system (EPSS) score for CVE-2006-0866

CVSS scores for CVE-2006-0866

References for CVE-2006-0866