Trac Information Disclosure And Denial of Service Vulnerabilities
BID:18323
CVE-2006-3408 | CVE-2006-3409 | CVE-2006-3410 | CVE-2006-3695 |Info
Trac Information Disclosure And Denial of Service Vulnerabilities
| Bugtraq ID: | 18323 |
| Class: | Unknown |
| CVE: |
CVE-2006-3409 CVE-2006-3695 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 10 2006 12:00AM |
| Updated: | Jul 06 2016 01:33PM |
| Credit: | These issues were disclosed by the vendor. |
| Vulnerable: |
Trac Trac 0.9.5 Trac Trac 0.9.4 Nortel Networks VPN Router 1010 0.9.3 Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 |
| Not Vulnerable: |
Trac Trac 0.9.6 |
Discussion
Trac Information Disclosure And Denial of Service Vulnerabilities
Trac is affected by multiple vulnerabilities. These issues include denial-of-service and information-disclosure vulnerabilities.
An attacker can exploit these issues to access sensitive information or crash the affected application. Other attacks may also be possible.
Trac versions prior to 0.9.6 are affected by these issues.
Trac is affected by multiple vulnerabilities. These issues include denial-of-service and information-disclosure vulnerabilities.
An attacker can exploit these issues to access sensitive information or crash the affected application. Other attacks may also be possible.
Trac versions prior to 0.9.6 are affected by these issues.
Exploit / POC
Trac Information Disclosure And Denial of Service Vulnerabilities
Attackers can likely exploit both of these issues using standard network tools.
Attackers can likely exploit both of these issues using standard network tools.
Solution / Fix
Trac Information Disclosure And Denial of Service Vulnerabilities
Solution:
The vendor has released version 0.9.6 to address these issues.
Please see the references for more information.
Solution:
The vendor has released version 0.9.6 to address these issues.
Please see the references for more information.
References
Trac Information Disclosure And Denial of Service Vulnerabilities
References:
References:
- Trac Homepage (Trac)
- Trac Lists Homepage (Trac)