CVE-2006-3695

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting (XSS) attacks, or cause a denial of service via unspecified vectors. NOTE: this might be related to CVE-2006-3458.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/20958	Vendor Advisory
http://secunia.com/advisories/21534	Vendor Advisory
http://securitytracker.com/id?1016457
http://trac.edgewall.org/wiki/ChangeLog
http://www.debian.org/security/2006/dsa-1152
http://www.securityfocus.com/bid/18323
http://www.vupen.com/english/advisories/2006/2729	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/27706
https://exchange.xforce.ibmcloud.com/vulnerabilities/27708

Configurations

Configuration 1 (hide)

cpe:2.3:a:edgewall_software:trac:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-07-21 14:03

Updated : 2017-07-20 01:32

NVD link : CVE-2006-3695

Mitre link : CVE-2006-3695

CVE.ORG link : CVE-2006-3695

JSON object : View

Products Affected

edgewall_software

trac

CWE

NVD-CWE-Other

{"id": "CVE-2006-3695", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-07-21T14:03:00.000", "references": [{"url": "http://secunia.com/advisories/20958", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/21534", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1016457", "source": "cve@mitre.org"}, {"url": "http://trac.edgewall.org/wiki/ChangeLog", "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2006/dsa-1152", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/18323", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/2729", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27706", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27708", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Trac before 0.9.6 does not disable the \"raw\" or \"include\" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting (XSS) attacks, or cause a denial of service via unspecified vectors. NOTE: this might be related to CVE-2006-3458."}, {"lang": "es", "value": "Trac anterior a 0.9.6 no deshabilita los comandos \"raw\" o \"nclude\" cuando se mantiene a usuarios no v\u00e1lidos con la funcionalidad de texto reestructurado (reStructuredText) desde docutils, lo cual permite a atacantes remotos leer archivos de su elecci\u00f3n, realizando ataques de secuencias de comandos en sitios cruzados (XSS), o provocar denegaci\u00f3n de servicio a trav\u00e9s de vectores no especificados. NOTA: esto podr\u00eda estar relacionado con CVE-2006-3458."}], "lastModified": "2017-07-20T01:32:29.947", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:edgewall_software:trac:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FC0F377-A06F-42B8-ACDF-EB59F0C912F7", "versionEndIncluding": "0.9.5"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org", "evaluatorSolution": "Upgrade to 0.9.6"}