cvelistv5 - CVE-2006-1039

CVE-2006-1039

Vulnerability from cvelistv5

Published

2006-03-07 11:00

Modified

2024-08-07 16:56

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/19085	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1015702
cve@mitre.org	http://www.securityfocus.com/archive/1/426449/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/18006
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0810	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/25003
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19085	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015702
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/426449/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/18006
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0810	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/25003

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:56:15.448Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1015702",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015702"
          },
          {
            "name": "sap-was-url-obtain-information(25003)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25003"
          },
          {
            "name": "19085",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19085"
          },
          {
            "name": "18006",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18006"
          },
          {
            "name": "20060301 SAP Web Application Server http request url parsing vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/426449/100/0/threaded"
          },
          {
            "name": "ADV-2006-0810",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0810"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-03-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a \";%20\" followed by encoded HTTP headers."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1015702",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015702"
        },
        {
          "name": "sap-was-url-obtain-information(25003)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25003"
        },
        {
          "name": "19085",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19085"
        },
        {
          "name": "18006",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18006"
        },
        {
          "name": "20060301 SAP Web Application Server http request url parsing vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/426449/100/0/threaded"
        },
        {
          "name": "ADV-2006-0810",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0810"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-1039",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a \";%20\" followed by encoded HTTP headers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1015702",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015702"
            },
            {
              "name": "sap-was-url-obtain-information(25003)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25003"
            },
            {
              "name": "19085",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19085"
            },
            {
              "name": "18006",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18006"
            },
            {
              "name": "20060301 SAP Web Application Server http request url parsing vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/426449/100/0/threaded"
            },
            {
              "name": "ADV-2006-0810",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0810"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-1039",
    "datePublished": "2006-03-07T11:00:00",
    "dateReserved": "2006-03-07T00:00:00",
    "dateUpdated": "2024-08-07T16:56:15.448Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-1039\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-03-07T11:02:00.000\",\"lastModified\":\"2024-11-21T00:07:56.043\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a \\\";%20\\\" followed by encoded HTTP headers.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:N\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:sap_web_application_server:6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE5FAC41-5C2B-4653-A757-ADBFD37E716E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:sap_web_application_server:6.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A68E0969-971D-4D97-97EE-F901B05885DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:sap_web_application_server:6.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B41DF7D3-9EF1-4F5B-870E-5D1FDF095509\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/19085\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1015702\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/426449/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/18006\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/0810\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/25003\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/19085\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1015702\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/426449/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/18006\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/0810\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/25003\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

ghsa-fcph-vwq2-2v5x

Vulnerability from github

Published

2022-05-01 06:45

Modified

2022-05-01 06:45

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-1039"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-03-07T11:02:00Z",
    "severity": "MODERATE"
  },
  "details": "SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a \";%20\" followed by encoded HTTP headers.",
  "id": "GHSA-fcph-vwq2-2v5x",
  "modified": "2022-05-01T06:45:31Z",
  "published": "2022-05-01T06:45:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1039"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25003"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19085"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015702"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/426449/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/18006"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/0810"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2006-1039

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2006-1039

Aliases

CVE-2006-1039

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-1039",
    "description": "SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a \";%20\" followed by encoded HTTP headers.",
    "id": "GSD-2006-1039"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-1039"
      ],
      "details": "SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a \";%20\" followed by encoded HTTP headers.",
      "id": "GSD-2006-1039",
      "modified": "2023-12-13T01:19:54.700578Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-1039",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a \";%20\" followed by encoded HTTP headers."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1015702",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015702"
          },
          {
            "name": "sap-was-url-obtain-information(25003)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25003"
          },
          {
            "name": "19085",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19085"
          },
          {
            "name": "18006",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/18006"
          },
          {
            "name": "20060301 SAP Web Application Server http request url parsing vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/426449/100/0/threaded"
          },
          {
            "name": "ADV-2006-0810",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/0810"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sap:sap_web_application_server:6.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:sap_web_application_server:6.40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:sap_web_application_server:6.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-1039"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a \";%20\" followed by encoded HTTP headers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-94"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "19085",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/19085"
            },
            {
              "name": "1015702",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1015702"
            },
            {
              "name": "18006",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/18006"
            },
            {
              "name": "ADV-2006-0810",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0810"
            },
            {
              "name": "sap-was-url-obtain-information(25003)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25003"
            },
            {
              "name": "20060301 SAP Web Application Server http request url parsing vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/426449/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-18T16:30Z",
      "publishedDate": "2006-03-07T11:02Z"
    }
  }
}

fkie_cve-2006-1039

Vulnerability from fkie_nvd

Published

2006-03-07 11:02

Modified

2024-11-21 00:07

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/19085	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1015702
cve@mitre.org	http://www.securityfocus.com/archive/1/426449/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/18006
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0810	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/25003
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19085	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015702
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/426449/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/18006
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0810	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/25003

Impacted products

Vendor	Product	Version
sap	sap_web_application_server	6.10
sap	sap_web_application_server	6.20
sap	sap_web_application_server	6.40

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sap:sap_web_application_server:6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE5FAC41-5C2B-4653-A757-ADBFD37E716E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:sap_web_application_server:6.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "A68E0969-971D-4D97-97EE-F901B05885DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:sap_web_application_server:6.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "B41DF7D3-9EF1-4F5B-870E-5D1FDF095509",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a \";%20\" followed by encoded HTTP headers."
    }
  ],
  "id": "CVE-2006-1039",
  "lastModified": "2024-11-21T00:07:56.043",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-03-07T11:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19085"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015702"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/426449/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/18006"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0810"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19085"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015702"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/426449/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/18006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0810"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25003"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a ";%20" followed by encoded HTTP headers. SAP Web Application Server is prone to an input-validation vulnerability that results in HTTP response-splitting attacks. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust.

Some unspecified input passed in the URL isn't properly sanitised before being returned to the user. This can be exploited to manipulate the HTTP response sent to the user and may allow execution of arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability has been reported in version 7.00 and prior.

SOLUTION: The vendor has released fixes for the vulnerability. See SAP Note 908147 and 915084 for details.

PROVIDED AND/OR DISCOVERED BY: Arnold Grossmann

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200603-0168",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "web application server",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "sap",
        "version": "6.40"
      },
      {
        "model": "web application server",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "sap",
        "version": "6.20"
      },
      {
        "model": "web application server",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "sap",
        "version": "6.10"
      },
      {
        "model": "web application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "18006"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-101"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-1039"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Arnold Grossmann",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-101"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-1039",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2006-1039",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2006-1039",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200603-101",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-101"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-1039"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a \";%20\" followed by encoded HTTP headers. SAP Web Application Server is prone to an input-validation vulnerability that results in HTTP response-splitting attacks. This issue is due to a failure in the application to properly sanitize user-supplied input. \nA remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust. \n\nSome unspecified input passed in the URL isn\u0027t properly sanitised\nbefore being returned to the user. This can be exploited to\nmanipulate the HTTP response sent to the user and may allow execution\nof arbitrary HTML and script code in a user\u0027s browser session in\ncontext of an affected site. \n\nThe vulnerability has been reported in version 7.00 and prior. \n\nSOLUTION:\nThe vendor has released fixes for the vulnerability. See SAP Note\n908147 and 915084 for details. \n\nPROVIDED AND/OR DISCOVERED BY:\nArnold Grossmann\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-1039"
      },
      {
        "db": "BID",
        "id": "18006"
      },
      {
        "db": "PACKETSTORM",
        "id": "44344"
      }
    ],
    "trust": 1.26
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2006-1039",
        "trust": 1.9
      },
      {
        "db": "BID",
        "id": "18006",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "19085",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1015702",
        "trust": 1.6
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-0810",
        "trust": 1.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20060301 SAP WEB APPLICATION SERVER HTTP REQUEST URL PARSING VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "25003",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-101",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "44344",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "18006"
      },
      {
        "db": "PACKETSTORM",
        "id": "44344"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-101"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-1039"
      }
    ]
  },
  "id": "VAR-200603-0168",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.50441176
  },
  "last_update_date": "2024-11-23T22:47:05.897000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-94",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-1039"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/18006"
      },
      {
        "trust": 1.6,
        "url": "http://securitytracker.com/id?1015702"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/19085"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/archive/1/426449/100/0/threaded"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25003"
      },
      {
        "trust": 1.0,
        "url": "http://www.vupen.com/english/advisories/2006/0810"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/25003"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/426449/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2006/0810"
      },
      {
        "trust": 0.3,
        "url": "http://www.sap.com"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/434148"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6087/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/19085/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3327/"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "18006"
      },
      {
        "db": "PACKETSTORM",
        "id": "44344"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-101"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-1039"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "18006"
      },
      {
        "db": "PACKETSTORM",
        "id": "44344"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-101"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-1039"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2005-11-09T00:00:00",
        "db": "BID",
        "id": "18006"
      },
      {
        "date": "2006-03-04T01:29:24",
        "db": "PACKETSTORM",
        "id": "44344"
      },
      {
        "date": "2006-03-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200603-101"
      },
      {
        "date": "2006-03-07T11:02:00",
        "db": "NVD",
        "id": "CVE-2006-1039"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-05-17T20:29:00",
        "db": "BID",
        "id": "18006"
      },
      {
        "date": "2007-08-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200603-101"
      },
      {
        "date": "2024-11-21T00:07:56.043000",
        "db": "NVD",
        "id": "CVE-2006-1039"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-101"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SAP Website application server URI Input validation vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-101"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200603-101"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2006-1039

Vulnerability from cvelistv5

ghsa-fcph-vwq2-2v5x

Vulnerability from github

gsd-2006-1039

Vulnerability from gsd

fkie_cve-2006-1039

Vulnerability from fkie_nvd

var-200603-0168

Vulnerability from variot

Tags

Sightings

Nomenclature