Vulnerability Name:

CVE-2006-2952 (CCN-27121)

Assigned:2006-06-08
Published:2006-06-08
Updated:2018-10-18
Summary:Directory traversal vulnerability in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) Default_Theme parameter to header.php or (2) ModPath parameter to modules/cluster-paradise/cluster-E.php.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: BugTraq Mailing List, Thu Jun 08 2006 - 04:18:50 CDT
NPDS <= 5.10 Local Inclusion, XSS, Full path disclosure

Source: MITRE
Type: CNA
CVE-2006-2952

Source: CCN
Type: SA20523
NPDS Local File Inclusion and Cross-Site Scripting Vulnerabilities

Source: SECUNIA
Type: Exploit, Vendor Advisory
20523

Source: SREASON
Type: UNKNOWN
1076

Source: MISC
Type: Vendor Advisory
http://www.acid-root.new.fr/advisories/npds510.txt

Source: CCN
Type: NPDS Web site
Index - NPDS

Source: OSVDB
Type: UNKNOWN
26290

Source: OSVDB
Type: UNKNOWN
26291

Source: CCN
Type: OSVDB ID: 26290
NPDS header.php Default_Theme Parameter Traversal Arbitrary File Access

Source: CCN
Type: OSVDB ID: 26291
NPDS cluster-E.php ModPath Parameter Traversal Arbitrary File Access

Source: BUGTRAQ
Type: UNKNOWN
20060608 NPDS <= 5.10 Local Inclusion, XSS, Full path disclosure

Source: BID
Type: UNKNOWN
18383

Source: CCN
Type: BID-18383
NPDS Multiple Input Validation Vulnerabilities

Source: VUPEN
Type: UNKNOWN
ADV-2006-2233

Source: XF
Type: UNKNOWN
npds-header-clustere-file-include(27121)

Source: XF
Type: UNKNOWN
npds-header-clustere-file-include(27121)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:net_portal_dynamic_system:net_portal_dynamic_system:*:*:*:*:*:*:*:* (Version <= 5.10)

    • * Denotes that component is vulnerable
    BACK
    net_portal_dynamic_system net portal dynamic system *