CVE-2006-4959 - Vulnerability Details - OpenCVE

Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sun	Secure Global Desktop

Configuration 1 [-]

OR	cpe:2.3:a:sun:secure_global_desktop:3.42::enterprise:::::
	cpe:2.3:a:sun:secure_global_desktop:4.0::enterprise:::::

No data.

References

Link	Providers
http://secunia.com/advisories/22037
http://securityreason.com/securityalert/1623
http://securitytracker.com/id?1016900
http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555
http://www.securityfocus.com/archive/1/446566/100/0/threaded
http://www.securityfocus.com/bid/20135
http://www.vupen.com/english/advisories/2006/3739
https://exchange.xforce.ibmcloud.com/vulnerabilities/29076

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-09-23T10:00:00

Updated: 2024-08-07T19:32:22.394Z

Reserved: 2006-09-22T00:00:00

Link: CVE-2006-4959

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-09-23T10:07:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2006-4959

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-09-21T00:00:00", "descriptions": [{"lang": "en", "value": "Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1016900", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016900"}, {"name": "sun-ssgd-script-information-disclosure(29076)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29076"}, {"name": "22037", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/22037"}, {"name": "20060921 [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"}, {"name": "1623", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/1623"}, {"name": "ADV-2006-3739", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/3739"}, {"name": "20135", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20135"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4959", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1016900", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016900"}, {"name": "sun-ssgd-script-information-disclosure(29076)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29076"}, {"name": "22037", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22037"}, {"name": "20060921 [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"}, {"name": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555", "refsource": "MISC", "url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"}, {"name": "1623", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/1623"}, {"name": "ADV-2006-3739", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3739"}, {"name": "20135", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20135"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T19:32:22.394Z"}, "title": "CVE Program Container", "references": [{"name": "1016900", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1016900"}, {"name": "sun-ssgd-script-information-disclosure(29076)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29076"}, {"name": "22037", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/22037"}, {"name": "20060921 [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"}, {"name": "1623", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/1623"}, {"name": "ADV-2006-3739", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/3739"}, {"name": "20135", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/20135"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4959", "datePublished": "2006-09-23T10:00:00", "dateReserved": "2006-09-22T00:00:00", "dateUpdated": "2024-08-07T19:32:22.394Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:secure_global_desktop:3.42:*:enterprise:*:*:*:*:*", "matchCriteriaId": "6DCA2744-A4A1-497D-A133-9D2B4E56BAF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:secure_global_desktop:4.0:*:enterprise:*:*:*:*:*", "matchCriteriaId": "D957237E-B27F-4830-94C9-4C2ACE107AD0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available."}, {"lang": "es", "value": "Sun Secure Global Desktop (SSGD, tambi\u00e9n conocido como Tarantella) anterior a 4.3 permite a un atacante remoto obtener informaci\u00f3n sensible, incluyendo el nombre del servidor, versiones, y detalles de configuraci\u00f3n, a trav\u00e9s de vectores no especificados, posiblemente afecte a 1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, o (7) test-cgi. NOTA: Esta informaci\u00f3n esta basa en una informaci\u00f3n inicial. Los detalles ser\u00e1n actualizados cuando se encuentren disponibles."}], "id": "CVE-2006-4959", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-09-23T10:07:00.000", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/22037"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/1623"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1016900"}, {"source": "cve@mitre.org", "url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/20135"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/3739"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29076"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/22037"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/1623"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1016900"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/446566/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/20135"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/3739"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29076"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}