| Vulnerability Name: | CVE-2006-4959 (CCN-29076) | ||||||||
| Assigned: | 2006-09-21 | ||||||||
| Published: | 2006-09-21 | ||||||||
| Updated: | 2018-10-17 | ||||||||
| Summary: | Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. Note: This information is based upon a vague initial disclosure. Details will be updated as they become available. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: CCN Type: Full-Disclosure Mailing List, Thu Sep 21 2006 - 03:19:35 CDT [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities Source: MITRE Type: CNA CVE-2006-4959 Source: CCN Type: SA22037 Sun Secure Global Desktop Cross-Site Scripting Vulnerabilities Source: SECUNIA Type: UNKNOWN 22037 Source: SREASON Type: UNKNOWN 1623 Source: CCN Type: SECTRACK ID: 1016900 Sun Secure Global Desktop Input Validation Holes Permit Cross-Site Scripting Attacks and Disclose System Information to Remote Users Source: SECTRACK Type: UNKNOWN 1016900 Source: MISC Type: UNKNOWN http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555 Source: BUGTRAQ Type: UNKNOWN 20060921 [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities Source: BID Type: UNKNOWN 20135 Source: CCN Type: BID-20135 Sun Secure Global Desktop Unspecified Multiple Input Validation Vulnerabilities Source: CCN Type: Sun Secure Global Desktop Web site Sun Secure Global Desktop Software 4.2 Source: VUPEN Type: UNKNOWN ADV-2006-3739 Source: XF Type: UNKNOWN sun-ssgd-script-information-disclosure(29076) Source: XF Type: UNKNOWN sun-ssgd-script-information-disclosure(29076) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||