{"api_version":"1","generated_at":"2026-07-07T01:57:11+00:00","cve":"CVE-2006-5950","urls":{"html":"https://cve.report/CVE-2006-5950","api":"https://cve.report/api/cve/CVE-2006-5950.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2006-5950","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2006-5950"},"summary":{"title":"CVE-2006-5950","description":"Unspecified vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote authenticated users to obtain the installation path via unknown vectors related to the REN command, probably due to response messages.  NOTE: the provenance of this information is unknown; details are obtained from third party sources.","state":"PUBLISHED","assigner":"mitre","published_at":"2006-11-17 00:07:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30281","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30281","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/21058","name":"http://www.securityfocus.com/bid/21058","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"AlTools ALFTP Authentication Bypass And Information Disclosure Vulenrabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/22874","name":"http://secunia.com/advisories/22874","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"ALFTP FTP Server Two Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2006/4518","name":"http://www.vupen.com/english/advisories/2006/4518","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2006-5950","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-5950","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2006","cve_id":"5950","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"altools","cpe5":"alftp_ftp_server","cpe6":"4.1_beta1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T20:12:30.935Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"22874","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/22874"},{"name":"21058","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/21058"},{"name":"alftp-ren-path-disclosure(30281)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30281"},{"name":"ADV-2006-4518","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/4518"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2006-11-15T00:00:00.000Z","descriptions":[{"lang":"en","value":"Unspecified vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote authenticated users to obtain the installation path via unknown vectors related to the REN command, probably due to response messages.  NOTE: the provenance of this information is unknown; details are obtained from third party sources."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-19T15:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"22874","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/22874"},{"name":"21058","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/21058"},{"name":"alftp-ren-path-disclosure(30281)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30281"},{"name":"ADV-2006-4518","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/4518"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2006-5950","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Unspecified vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote authenticated users to obtain the installation path via unknown vectors related to the REN command, probably due to response messages.  NOTE: the provenance of this information is unknown; details are obtained from third party sources."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"22874","refsource":"SECUNIA","url":"http://secunia.com/advisories/22874"},{"name":"21058","refsource":"BID","url":"http://www.securityfocus.com/bid/21058"},{"name":"alftp-ren-path-disclosure(30281)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30281"},{"name":"ADV-2006-4518","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/4518"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2006-5950","datePublished":"2006-11-17T00:00:00.000Z","dateReserved":"2006-11-16T00:00:00.000Z","dateUpdated":"2024-08-07T20:12:30.935Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2006-11-17 00:07:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:altools:alftp_ftp_server:4.1_beta1:*:*:*:*:*:*:*","matchCriteriaId":"C42E866E-E855-4AB1-8C4B-E43D19E272E0"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2006","CveId":"5950","Ordinal":"1","Title":"CVE-2006-5950","CVE":"CVE-2006-5950","Year":"2006"},"notes":[{"CveYear":"2006","CveId":"5950","Ordinal":"1","NoteData":"Unspecified vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote authenticated users to obtain the installation path via unknown vectors related to the REN command, probably due to response messages.  NOTE: the provenance of this information is unknown; details are obtained from third party sources.","Type":"Description","Title":"CVE-2006-5950"},{"CveYear":"2006","CveId":"5950","Ordinal":"2","NoteData":"2006-11-16","Type":"Other","Title":"Published"},{"CveYear":"2006","CveId":"5950","Ordinal":"3","NoteData":"2017-07-19","Type":"Other","Title":"Modified"}]}}}