CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In 2006 (Gain Privilege)

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2006-0230 +Priv 2006-04-24 2018-10-19
10.0
Admin Remote Low Not required Complete Complete Complete
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.
2 CVE-2006-0411 +Priv 2006-01-25 2017-07-19
10.0
Admin Remote Low Not required Complete Complete Complete
claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection time), which allows remote attackers to hijack sessions and possibly gain administrative privileges.
3 CVE-2006-0686 +Priv 2006-02-14 2018-10-19
10.0
Admin Remote Low Not required Complete Complete Complete
add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privileges when adding a new administrative user, which allows remote attackers to gain unauthorized access.
4 CVE-2006-0864 +Priv 2006-02-23 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
filescan in Global Hauri ViRobot 2.0 20050817 does not verify the Cookie HTTP header, which allows remote attackers to gain administrative privileges via an arbitrary cookie value.
5 CVE-2006-1069 +Priv 2006-03-07 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr5, and possibly earlier versions allows attackers to gain privileges as arbitrary users via unknown vectors.
6 CVE-2006-1085 Exec Code +Priv Bypass 2006-03-08 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
admin.php in PHP-Stats 0.1.9.1 and earlier allows remote attackers to bypass authentication, gain administrator privileges, and execute arbitrary PHP code by modifying the option[admin_pass] parameter and setting the pass_cookie to the MD5 hash of the specified password.
7 CVE-2006-1381 +Priv 2006-03-24 2017-07-19
10.0
Admin Remote Low Not required Complete Complete Complete
Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe.
8 CVE-2006-2206 +Priv 2006-05-05 2017-07-19
10.0
Admin Remote Low Not required Complete Complete Complete
The MS-Logon authentication scheme in UltraVNC (aka Ultr@VNC) 1.0.1 uses weak encryption (XOR) for challenge/response, which allows remote attackers to gain privileges by sniffing and decrypting passwords.
9 CVE-2006-2430 +Priv 2006-05-17 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges.
10 CVE-2006-3203 255 +Priv 2006-06-23 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator login account and password, which allows remote attackers to gain privileges.
11 CVE-2006-3601 +Priv 2006-07-18 2016-11-28
10.0
Admin Remote Low Not required Complete Complete Complete
** UNVERIFIABLE ** Unspecified vulnerability in an unspecified DNN Modules module for DotNetNuke (.net nuke) allows remote attackers to gain privileges via unspecified vectors, as used in an attack against the Microsoft France web site. NOTE: due to the lack of details and uncertainty about which product is affected, this claim is not independently verifiable.
12 CVE-2006-2787 +Priv 2006-06-02 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.
13 CVE-2006-6745 +Priv 2006-12-26 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE.
14 CVE-2006-4228 +Priv Bypass 2006-08-18 2018-10-17
9.0
Admin Remote Low Single system Complete Complete Complete
Symantec Veritas NetBackup PureDisk Remote Office Edition 6.0 before MP1 20060816 allows remote attackers to bypass authentication and gain privileges via unknown attack vectors in the management interface.
15 CVE-2006-4585 Exec Code +Priv Sql 2006-09-06 2018-10-17
9.0
Admin Remote Low Single system Complete Complete Complete
SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows remote authenticated users to execute arbitrary SQL commands via the id2 parameter. NOTE: this can be leveraged with other Tr Forum vulnerabilities to allow unauthenticated attackers to gain privileges.
16 CVE-2006-5014 +Priv 2006-09-26 2008-09-05
9.0
Admin Remote Low Single system Complete Complete Complete
Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.
17 CVE-2006-1727 +Priv 2006-04-14 2018-10-18
7.6
Admin Remote High Not required Complete Complete Complete
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with "Print Preview".
18 CVE-2006-2235 +Priv 2006-05-05 2018-10-18
7.6
Admin Remote High Not required Complete Complete Complete
CodeMunkyX (aka free-php.net) Simple Poll 1.0, when authentication is not required for the admin directory, allows remote attackers to gain administrative privileges by appending /admin/ to the top-level URI of the application.
19 CVE-2006-0423 +Priv 2006-01-25 2018-10-30
7.5
User Remote Low Not required Partial Partial Partial
BEA WebLogic Portal 8.1 through SP3 stores the password for the RDBMS Authentication provider in cleartext in the config.xml file, which allows attackers to gain privileges.
20 CVE-2006-0426 +Priv 2006-01-25 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
BEA WebLogic Server and WebLogic Express 8.1 through SP4, when configuration auditing is enabled and a password change occurs, stores the old and new passwords in cleartext in the DefaultAuditRecorder.log file, which could allow attackers to gain privileges.
21 CVE-2006-0527 264 +Priv 2006-02-02 2018-10-19
7.5
User Remote Low Not required Partial Partial Partial
BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allows remote attackers to gain privileged access via a "Kashpureff-style DNS cache corruption" attack.
22 CVE-2006-1026 +Priv 2006-03-06 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
JFacets before 0.2 allows remote attackers to gain privileges as any account via a GET request with a modified account profileID.
23 CVE-2006-1210 +Priv 2006-03-13 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password in cleartext in body.phtml, which allows remote attackers to gain privileges by reading the source. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
24 CVE-2006-1213 +Priv Bypass 2006-03-13 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
JiRo's Banner System Experience and Professional 1.0 and earlier allows remote attackers to bypass access restrictions and gain privileges via a direct request to certain scripts in the files directory, as demonstrated by using addadmin.asp to create a new administrator account.
25 CVE-2006-1296 +Priv 2006-03-19 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Untrusted search path vulnerability in Beagle 0.2.2.1 might allow local users to gain privileges via a malicious beagle-info program in the current working directory, or possibly directories specified in the PATH.
26 CVE-2006-1539 Overflow +Priv 2006-03-30 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is executed when another user launches tetris-bsd.
27 CVE-2006-2116 +Priv 2006-05-01 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
planetGallery allows remote attackers to gain administrator privileges via a direct request to admin/gallery_admin.php.
28 CVE-2006-2338 +Priv 2006-05-11 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
PlaNet Concept plaNetStat 20050127 allows remote attackers to gain administrative privileges, and view and configure log files, via a direct request to the (1) admin.php or (2) settings.php page.
29 CVE-2006-2436 +Priv 2006-05-17 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
WebSphere Application Server 5.0.2 (or any earlier cumulative fix) stores admin and LDAP passwords in plaintext in the FFDC logs when a login to WebSphere fails, which allows attackers to gain privileges.
30 CVE-2006-2469 +Priv 2006-05-19 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
The HTTP handlers in BEA WebLogic Server 9.0, 8.1 up to SP5, 7.0 up to SP6, and 6.1 up to SP7 stores the username and password in cleartext in the WebLogic Server log when access to a web application or protected JWS fails, which allows attackers to gain privileges.
31 CVE-2006-2513 +Priv 2006-05-22 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the installation process in Sun Java System Directory Server 5.2 causes wrong user data to be written to a file created by the installation, which allows remote attackers or local users to gain privileges.
32 CVE-2006-2522 +Priv 2006-05-22 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Dayfox Blog 2.0 and earlier stores user credentials in edit/slog_users.txt under the web document root with insufficient access control, which allows remote attackers to gain privileges.
33 CVE-2006-2580 Exec Code +Priv 2006-05-24 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allow remote attackers to gain privileged access, execute arbitrary commands, or create arbitrary files via unknown vectors.
34 CVE-2006-3470 +Priv 2006-07-10 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
The Dell Openmanage CD launches X11 and SSH daemons that do not require authentication, which allows remote attackers to gain privileges.
35 CVE-2006-3733 264 Exec Code +Priv 2006-07-21 2018-10-17
7.5
User Remote Low Not required Partial Partial Partial
jmx-console/HtmlAdaptor in the jmx-console in the JBoss web application server, as shipped with Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1, allows remote attackers to gain privileges as the CS-MARS administrator and execute arbitrary Java code via an invokeOp action in the BSHDeployer jboss.scripts service name.
36 CVE-2006-3809 Exec Code +Priv 2006-07-27 2018-10-17
7.5
User Remote Low Not required Partial Partial Partial
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context.
37 CVE-2006-4254 +Priv 2006-08-21 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors.
38 CVE-2006-4370 +Priv 2006-08-26 2018-10-17
7.5
User Remote Low Not required Partial Partial Partial
Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated domain administrators to change a global administrator's password and gain privileges via the userlist.wdm file.
39 CVE-2006-5584 +Priv 2006-12-12 2018-10-17
7.5
User Remote Low Not required Partial Partial Partial
The Remote Installation Service (RIS) in Microsoft Windows 2000 SP4 uses a TFTP server that allows anonymous access, which allows remote attackers to upload and overwrite arbitrary files to gain privileges on systems that use RIS.
40 CVE-2006-5639 +Priv 2006-10-31 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the random number generator in OpenWBEM (Web Based Enterprise Management) 3.2.0 allows attackers to gain privileges via vectors related to "local or HTTP Digest authentication."
41 CVE-2006-6528 +Priv 2006-12-13 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The Chatroom Module before 4.7.x.-1.0 for Drupal broadcasts Chatroom visitors' session IDs to all participants, which allows remote attackers to hijack sessions and gain privileges.
42 CVE-2006-6752 Overflow +Priv 2006-12-26 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in FTPRush 1.0.0.610 might allow attackers to gain privileges via a long Host field. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. Also, it is not clear whether this issue crosses security boundaries.
43 CVE-2006-6878 +Priv 2006-12-31 2017-10-18
7.5
User Remote Low Not required Partial Partial Partial
admin/uploads.php in PHP-Update 2.7 and earlier allows remote attackers to gain privileges by setting the rights[7] parameter to 1 during a login action.
44 CVE-2006-0008 264 +Priv 2006-02-14 2018-10-30
7.2
Admin Local Low Not required Complete Complete Complete
The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box.
45 CVE-2006-0045 +Priv 2006-01-20 2017-07-19
7.2
Admin Local Low Not required Complete Complete Complete
crawl before 4.0.0 does not securely call programs when saving and loading games, which allows local users to gain privileges.
46 CVE-2006-0151 +Priv 2006-01-09 2018-10-03
7.2
Admin Local Low Not required Complete Complete Complete
sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.
47 CVE-2006-0176 Overflow +Priv 2006-01-11 2018-10-19
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in certain functions in src/fileio.c and src/unix/fileio.c in xmame before 11 January 2006 may allow local users to gain privileges via a long (1) -lang, (2) -ctrlr, (3) -pb, or (4) -rec argument on many operating systems, and via a long (5) -jdev argument on Ubuntu Linux.
48 CVE-2006-0177 Overflow +Priv 2006-01-11 2017-07-19
7.2
Admin Local Low Not required Complete Complete Complete
Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow local users to gain privileges by (1) invoking /usr/bin/script with a long command line argument or (2) setting the -c option of /etc/nu to the name of a file containing a long line.
49 CVE-2006-0181 +Priv 2006-01-12 2017-07-19
7.2
Admin Local Low Not required Complete Complete Complete
Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.1.3 has an undocumented administrative account with a default password, which allows local users to gain privileges via the expert command.
50 CVE-2006-0190 DoS +Priv 2006-01-13 2017-10-10
7.2
Admin Local Low Not required Complete Complete Complete
Unspecified vulnerability in Sun Solaris 9 and 10 for the x86 platform allows local users to gain privileges or cause a denial of service (panic) via unspecified vectors, possibly involving functions from the mm driver.
Total number of vulnerabilities: 184. Page 1 of 4.