Vulnerability Name:

CVE-2006-4731 (CCN-28885)

Assigned: 2006-09-11
Published: 2006-09-11
Updated: 2018-10-17
Summary: Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger before 2.6.19 and (b) LedgerSMB before 1.0.0p1 allow remote attackers to execute arbitrary Perl code via an unspecified terminal parameter value containing ../ (dot dot slash).
CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Access
References: Source: CCN
Type: BugTraq Mailing List, Mon Sep 11 2006 - 22:00:35 CDT
LedgerSMB 1.0.0 and SQL-Ledger 2.6.18 and earler arbitrary code execution

Source: MITRE
Type: CNA
CVE-2006-4731

Source: CCN
Type: SA21824
LedgerSMB "terminal" Parameter Perl Code Execution

Source: SECUNIA
Type: Patch, Vendor Advisory
21824

Source: CCN
Type: SA21886
SQL-Ledger "terminal" Parameter Perl Code Execution

Source: SECUNIA
Type: Patch, Vendor Advisory
21886

Source: SREASON
Type: UNKNOWN
1553

Source: CCN
Type: SourceForge.net
LedgerSMB

Source: CCN
Type: SourceForge.net: Files
LedgerSMB - File Release Notes and Changelog - Release Name: 1.0.0p1

Source: CONFIRM
Type: Patch
http://sourceforge.net/project/shownotes.php?group_id=175965&release_id=446778

Source: MISC
Type: UNKNOWN
http://svn.sourceforge.net/viewvc/ledger-smb/trunk/login.pl?r1=53&r2=69

Source: DEBIAN
Type: DSA-1239
sql-ledger -- several vulnerabilities

Source: CCN
Type: OSVDB ID: 28753
LedgerSMB terminal Variable Arbitrary Perl Code Execution

Source: BUGTRAQ
Type: UNKNOWN
20060912 LedgerSMB 1.0.0 and SQL-Ledger 2.6.18 and earler arbitrary code execution

Source: BID
Type: UNKNOWN
19960

Source: CCN
Type: BID-19960
SQL-Ledger/LedgerSMB Terminal Parameter Directory Traversal Vulnerability

Source: CCN
Type: SQL-Ledger Accounting Web site
SQL-Ledger Accounting

Source: CCN
Type: SQL-Ledger Web site
What's New

Source: CONFIRM
Type: UNKNOWN
http://www.sql-ledger.org/cgi-bin/nav.pl?page=news.html&title=What's%20New

Source: VUPEN
Type: UNKNOWN
ADV-2006-3554

Source: VUPEN
Type: UNKNOWN
ADV-2006-3555

Source: XF
Type: UNKNOWN
sqlledger-ledgersmb-terminal-file-include(28885)

Vulnerable Configuration: Configuration 1:
  • cpe:/a:dws_systems_inc.:sql-ledger:2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.10:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.11:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.12:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.13:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.14:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.15:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.4.16:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.4:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.5:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.6:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.7:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.8:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.9:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.10:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.11:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.12:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.13:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.14:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.15:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.16:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.17:*:*:*:*:*:*:*
  • OR cpe:/a:dws_systems_inc.:sql-ledger:2.6.18:*:*:*:*:*:*:*
  • OR cpe:/a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:* (Version <= 1.0.0)

  • Configuration CCN 1:
  • cpe:/a:ledgersmb:ledgersmb:1.0.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable

Oval Definitions
Definition ID: oval:org.debian:def:1239
Class: V
Title: several vulnerabilities
Last Modified: 2006-12-17