CVE-2006-0993 Information

Description

The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories which might allow remote attackers to obtain potentially sensitive information such as configuration settings.

Reference

http://secunia.com/advisories/20058 http://securityreason.com/securityalert/870 http://securitytracker.com/id?1016051 http://www.3com.com/securityalert/alerts/3COM-06-002.html http://www.osvdb.org/25360 http://www.securityfocus.com/archive/1/433432/100/0/threaded http://www.securityfocus.com/bid/17935 http://www.vupen.com/english/advisories/2006/1752 http://www.zerodayinitiative.com/advisories/ZDI-06-013.html https://exchange.xforce.ibmcloud.com/vulnerabilities/26338