CVE-2006-5474

The "forgot password" function in OneOrZero Helpdesk before 1.6.5.4 generates insecure passwords by concatenating the current timestamp with the username, which allows remote attackers to gain access as an arbitrary user by requesting a password reset.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.whitedust.net/speaks/3043/	Exploit Vendor Advisory
http://oneorzero.com/downloads/release_notes/Current_Release_notes.html	Patch
http://www.securityfocus.com/bid/20651
http://secunia.com/advisories/22476	Vendor Advisory
http://securityreason.com/securityalert/1767
http://www.securityfocus.com/archive/1/449352/100/0/threaded

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oneorzero:oneorzero_helpdesk:1.6:::::::*
	cpe:2.3:a:oneorzero:oneorzero_helpdesk:1.6.3:::::::*
	cpe:2.3:a:oneorzero:oneorzero_helpdesk:1.6.4:::::::*
	cpe:2.3:a:oneorzero:oneorzero_helpdesk::::::::

Information

Published : 2006-10-24 13:07

Updated : 2018-10-17 14:43

NVD link : CVE-2006-5474

Mitre link : CVE-2006-5474

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

oneorzero

oneorzero_helpdesk

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.whitedust.net/speaks/3043/", "name": "http://www.whitedust.net/speaks/3043/", "tags": ["Exploit", "Vendor Advisory"], "refsource": "MISC"}, {"url": "http://oneorzero.com/downloads/release_notes/Current_Release_notes.html", "name": "http://oneorzero.com/downloads/release_notes/Current_Release_notes.html", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/20651", "name": "20651", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/22476", "name": "22476", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://securityreason.com/securityalert/1767", "name": "1767", "tags": [], "refsource": "SREASON"}, {"url": "http://www.securityfocus.com/archive/1/449352/100/0/threaded", "name": "20061020 Advisory for Oneorzero helpdesk", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The \"forgot password\" function in OneOrZero Helpdesk before 1.6.5.4 generates insecure passwords by concatenating the current timestamp with the username, which allows remote attackers to gain access as an arbitrary user by requesting a password reset."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-5474", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2006-10-24T20:07Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oneorzero:oneorzero_helpdesk:1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oneorzero:oneorzero_helpdesk:1.6.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oneorzero:oneorzero_helpdesk:1.6.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oneorzero:oneorzero_helpdesk:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.6.5.3"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-17T21:43Z"}