{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-08-23T00:00:00", "descriptions": [{"lang": "en", "value": "Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under \"Program Files\" or its subdirectories."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "19679", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/19679"}, {"name": "1016743", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016743"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ssh.com/company/news/2006/english/security/article/775/"}, {"name": "ssh-tectia-pathname-privilege-escalation(28566)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28566"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4315", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under \"Program Files\" or its subdirectories."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "19679", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19679"}, {"name": "1016743", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016743"}, {"name": "http://www.ssh.com/company/news/2006/english/security/article/775/", "refsource": "CONFIRM", "url": "http://www.ssh.com/company/news/2006/english/security/article/775/"}, {"name": "ssh-tectia-pathname-privilege-escalation(28566)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28566"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4315", "datePublished": "2006-08-23T22:00:00", "dateReserved": "2006-08-23T00:00:00", "dateUpdated": "2017-07-19T15:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ssh:tectia_client:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6693DC2D-CDA1-4E37-9569-58874F55A48A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "16CDE975-9E08-493B-9385-3EC2CABC4A15", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "8A63EA6B-2400-48C4-924D-3509971CCBEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "0658F08E-2596-4D8E-91AA-44A9DBE8F151", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "74169893-A34F-49FB-8C83-36C4AA808925", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "013E94CC-AF68-44D0-826F-28B1825A8DA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C9981E30-0D54-4464-8287-E450E7E8F770", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "4ED17577-F56D-48DF-8863-B4FF039C47D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B74A91E2-C93E-49F4-B349-8E4CEC285C03", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.1j:*:*:*:*:*:*:*", "matchCriteriaId": "FBF7244A-BFF7-4C7C-82FF-6B53236DB86D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "5BADA4CC-FC94-427A-AF93-9AAFDAADDB91", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "8F1D6B7F-8B52-42C0-8613-740CACFB3463", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "D5024EC6-2A47-4ACE-A661-B78D314C7D0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "FA64A6E8-0EB7-4BCA-A7AA-245A466C2F22", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "5058DC44-835D-4BD9-B550-E5CB22F6475F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "23ED4911-6CF5-4562-B421-A328D7BE0291", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.8k:*:*:*:*:*:*:*", "matchCriteriaId": "E7F3388A-39FA-4A3A-819A-764A16AAEB54", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "81DDF3D8-35EA-4677-B1AC-1CA674EEBCD3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "F37366E9-F1B6-4458-AE1C-790405AC8740", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8C727829-5E3A-41F6-BAB3-01AED39674D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "1CF57477-FB53-49CC-BAD4-CDC0FD9363F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "65FB72FC-37EE-4D42-893E-9C0924EEA2E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "B18D681B-ACE1-47E3-851D-57DA47D1E2F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F470797-BBE4-4360-A38A-2722B8CF3BB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_client:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FB6587AA-E91D-4194-81D0-FCF1AA382CAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_connector:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D921A61E-D401-404E-B539-DAFE05D001F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_connector:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "30A3B9E9-3643-443B-A19A-2AE989832C50", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_manager:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "207A0CC3-240E-467E-A82D-DB9751378C2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_manager:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "23D62693-EA3F-406E-AC66-79B1CD566F1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_manager:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9CF059D3-7250-44F9-9337-AD66A0F28071", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3E4480D2-1B5C-443D-8D7F-976885C33BDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "795DEA94-79D6-4132-B205-AB098E92216A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "CD05A3E8-105D-4712-8BBE-2D5CF4F78890", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8D6691FF-77F2-4AE3-B49F-BFB8744AD046", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "075B6E8D-4C4B-4E98-94C6-52B842BE65FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "27B99F6E-712C-4205-9185-26F543EFC881", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF0262B-1451-40CA-9DD1-F2DEA793BD61", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "C27E0224-9431-49EF-8B32-850CDF6FFFE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "88A88A21-7427-4452-8C2A-6C31542FA83C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "A3DCEAA0-509A-4978-BE53-0CBE084366FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "3203DC73-05F2-4A28-9E62-3D87B482586A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA1AAC-3FCF-47D8-A6B4-9DB0D776CE14", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "64F4CDF1-695A-4677-A829-74BB365BF4FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BBEF55DD-FC87-42A3-9DAF-9862AA9649CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "DC0FA974-7671-4FB7-BB36-274B5970EBAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B6C2BA84-A520-489E-AF08-F3D35B0D580B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "011F841A-4F1B-49B2-B379-9FE126141568", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "B3C54819-CF51-4BBE-873F-4A0E2072D10F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "802C46F0-0FE2-42BD-910A-08CC9639BC4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ssh:tectia_server:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B2E96C8-F8F8-4002-B242-3ADDF1E84B7D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under \"Program Files\" or its subdirectories."}, {"lang": "es", "value": "Vulnerabilidad de ruta no confiable en la b\u00fasqueda no literal de Windows en m\u00faltiples productos SSH de Tectia, incluyendo el Client/Server/Connector 5.0.0 y 5.0.1 y Client/Server anterior a 4.4.5, y Manager 2.12 y anteriores, cuando se ejecutan en Windows, podr\u00edan permitir a usuarios locales escalar privilegios mediante un archivo de programa malicioso en \"Archivos de Programa\" o sus subdirectorios."}], "id": "CVE-2006-4315", "lastModified": "2017-07-20T01:33:00.197", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-08-23T22:04:00.000", "references": [{"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1016743"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/19679"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.ssh.com/company/news/2006/english/security/article/775/"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28566"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}