CVE-2006-1386
First published: Sun Mar 26 2006(Updated: )
The (1) rdiff and (2) preview scripts in TWiki 4.0 and 4.0.1 ignore access control settings, which allows remote attackers to read restricted areas and access restricted content in TWiki topics.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| TWiki | =4.0.1 | |
| TWiki | =4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2006-1386?
CVE-2006-1386 has a moderate severity rating as it allows unauthorized access to restricted content.
How do I fix CVE-2006-1386?
To fix CVE-2006-1386, upgrade TWiki to version 4.0.2 or later which addresses the access control issue.
Which versions of TWiki are affected by CVE-2006-1386?
CVE-2006-1386 affects TWiki versions 4.0 and 4.0.1.
What type of attack does CVE-2006-1386 facilitate?
CVE-2006-1386 facilitates unauthorized access attacks, allowing attackers to read restricted TWiki topics.
Are there any known exploits for CVE-2006-1386?
Yes, there are known exploits for CVE-2006-1386 that take advantage of the ignored access control settings.
- agent/references
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/twiki
- canonical/twiki
- version/twiki/4.0.1
- version/twiki/4.0