{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-12-15T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the path parameter, a different vector than CVE-2006-6328."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "21613", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21613"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://tf-b4rt.berlios.de/changelog-torrentflux_2.1-b4rt.txt"}, {"name": "23402", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23402"}, {"name": "2902", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/2902"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-6598", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the path parameter, a different vector than CVE-2006-6328."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "21613", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21613"}, {"name": "http://tf-b4rt.berlios.de/changelog-torrentflux_2.1-b4rt.txt", "refsource": "CONFIRM", "url": "http://tf-b4rt.berlios.de/changelog-torrentflux_2.1-b4rt.txt"}, {"name": "23402", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23402"}, {"name": "2902", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/2902"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:33:59.745Z"}, "title": "CVE Program Container", "references": [{"name": "21613", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/21613"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://tf-b4rt.berlios.de/changelog-torrentflux_2.1-b4rt.txt"}, {"name": "23402", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23402"}, {"name": "2902", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/2902"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6598", "datePublished": "2006-12-15T22:00:00", "dateReserved": "2006-12-15T00:00:00", "dateUpdated": "2024-08-07T20:33:59.745Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:torrentflux:torrentflux:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC738E38-4158-4E63-929D-6CC971FAD24A", "versionEndIncluding": "2.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:*:*:*:*:*:*:*:*", "matchCriteriaId": "2526D31B-D081-4C35-9D98-26DD3DCBBB5D", "versionEndIncluding": "2.1_b4rt971", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt3:*:*:*:*:*:*:*", "matchCriteriaId": "430F26F5-9C15-45A6-8FE2-3DE2D5676F3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt4:*:*:*:*:*:*:*", "matchCriteriaId": "40FE6027-3BBB-417A-BB59-8F344C79F35D", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt5:*:*:*:*:*:*:*", "matchCriteriaId": "113272FC-6E2C-4C65-BF14-3A9478B8EE5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt6:*:*:*:*:*:*:*", "matchCriteriaId": "FCC7B523-93AF-44A3-A6DB-6044049E221C", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt7:*:*:*:*:*:*:*", "matchCriteriaId": "84FD3104-2104-48AF-A246-E576CB691C4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt8:*:*:*:*:*:*:*", "matchCriteriaId": "7ECD29D9-93E0-479A-B755-B9D3EF203885", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt9:*:*:*:*:*:*:*", "matchCriteriaId": "5E32CFEA-5023-46BB-B64B-3C3BB43BA232", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt61:*:*:*:*:*:*:*", "matchCriteriaId": "2F44E2F6-1839-4AA2-9927-A8D27B08DB81", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt81:*:*:*:*:*:*:*", "matchCriteriaId": "61B4C1FB-BBD4-4C52-8FE2-8F4AE31DC749", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt82:*:*:*:*:*:*:*", "matchCriteriaId": "4542049A-1D9D-4FBC-8B2B-541FDAB057F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt83:*:*:*:*:*:*:*", "matchCriteriaId": "17E18EF1-A50A-4788-91CE-1F788CB5BA77", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt84:*:*:*:*:*:*:*", "matchCriteriaId": "48C05143-0B64-4221-B118-A76DC859BD12", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt85:*:*:*:*:*:*:*", "matchCriteriaId": "402B5C5A-FC57-4EE0-872D-4F4A12A283E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt91:*:*:*:*:*:*:*", "matchCriteriaId": "D59C1106-AA83-45AE-B9DD-5A50647562DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt92:*:*:*:*:*:*:*", "matchCriteriaId": "47AC093F-EF43-4CC9-A6F0-F127E58CAA8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt93:*:*:*:*:*:*:*", "matchCriteriaId": "976E5481-8D4E-4DC4-AC04-CB71F2729C49", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt94:*:*:*:*:*:*:*", "matchCriteriaId": "92DB5D17-30FD-44FD-9BF6-ADEB77665537", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt95:*:*:*:*:*:*:*", "matchCriteriaId": "A212E631-FAE5-4FC4-9396-EDA4F63A129A", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt96:*:*:*:*:*:*:*", "matchCriteriaId": "F1359647-6E65-4EC4-9754-35CAC1700C68", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt97:*:*:*:*:*:*:*", "matchCriteriaId": "C7E42B11-55B0-4302-95D7-54D9E17936BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt801:*:*:*:*:*:*:*", "matchCriteriaId": "3272FCC8-CCDC-4864-851D-78B776B8C66A", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt802:*:*:*:*:*:*:*", "matchCriteriaId": "A0A5E5F0-1C8D-4CBE-AF51-E9784CE9AF05", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt951:*:*:*:*:*:*:*", "matchCriteriaId": "AF63B674-0D31-4003-B79B-87F2B891B6C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt952:*:*:*:*:*:*:*", "matchCriteriaId": "ADC9FAD6-BF60-4DE1-A045-86D8689EE281", "vulnerable": true}, {"criteria": "cpe:2.3:a:torrentflux:torrentflux-b4rt:2.1_b4rt953:*:*:*:*:*:*:*", "matchCriteriaId": "1D4A2D82-46E9-4884-BD81-AF33702EEF7A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the path parameter, a different vector than CVE-2006-6328."}, {"lang": "es", "value": "Vulnerabildiad de salto de directorio en viewnfo.php en (1) TorrentFlux anterior a 2.2 y (2) torrentflux-b4rt anterior 2.1-b4rt-972 permite a usuarios validados leer archivos de su elecci\u00f3n a trav\u00e9s de la secuencia .. (punto punto) en el par\u00e1metro path, un vector diferente que CVE-2006-6328."}], "id": "CVE-2006-6598", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-12-15T22:28:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23402"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://tf-b4rt.berlios.de/changelog-torrentflux_2.1-b4rt.txt"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/21613"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/2902"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23402"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://tf-b4rt.berlios.de/changelog-torrentflux_2.1-b4rt.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/21613"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/2902"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}