Vulnerability-Lookup

CVE-2006-3885 (GCVE-0-2006-3885)

Vulnerability from cvelistv5 – Published: 2006-07-27 00:00 – Updated: 2024-08-07 18:48

Summary

Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264.

Severity

No CVSS data available.

CWE

Assigner

mitre

References

9 references

URL	Tags
http://www.securityfocus.com/archive/1/441495/100…	mailing-listx_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
http://securityreason.com/securityalert/1290	third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/archive/1/440990/100…	mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/19136	vdb-entryx_refsource_BID
http://secunia.com/advisories/21200	third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1016563	vdb-entryx_refsource_SECTRACK
http://www.sec-tec.co.uk/vulnerability/r55w_direc…	x_refsource_MISC
http://www.vupen.com/english/advisories/2006/2965	vdb-entryx_refsource_VUPEN

Date Public

2006-07-24 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:48:39.337Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20060726 Re: Check Point R55W Directory Traversal",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/441495/100/0/threaded"
          },
          {
            "name": "fw1-encoded-characters-directory-traversal(27937)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27937"
          },
          {
            "name": "1290",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1290"
          },
          {
            "name": "20060724 Check Point R55W Directory Traversal",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/440990/100/0/threaded"
          },
          {
            "name": "19136",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19136"
          },
          {
            "name": "21200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21200"
          },
          {
            "name": "1016563",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016563"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html"
          },
          {
            "name": "ADV-2006-2965",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2965"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20060726 Re: Check Point R55W Directory Traversal",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/441495/100/0/threaded"
        },
        {
          "name": "fw1-encoded-characters-directory-traversal(27937)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27937"
        },
        {
          "name": "1290",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1290"
        },
        {
          "name": "20060724 Check Point R55W Directory Traversal",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/440990/100/0/threaded"
        },
        {
          "name": "19136",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19136"
        },
        {
          "name": "21200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21200"
        },
        {
          "name": "1016563",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016563"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html"
        },
        {
          "name": "ADV-2006-2965",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2965"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3885",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20060726 Re: Check Point R55W Directory Traversal",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/441495/100/0/threaded"
            },
            {
              "name": "fw1-encoded-characters-directory-traversal(27937)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27937"
            },
            {
              "name": "1290",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/1290"
            },
            {
              "name": "20060724 Check Point R55W Directory Traversal",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/440990/100/0/threaded"
            },
            {
              "name": "19136",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19136"
            },
            {
              "name": "21200",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21200"
            },
            {
              "name": "1016563",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016563"
            },
            {
              "name": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html",
              "refsource": "MISC",
              "url": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html"
            },
            {
              "name": "ADV-2006-2965",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2965"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3885",
    "datePublished": "2006-07-27T00:00:00.000Z",
    "dateReserved": "2006-07-26T00:00:00.000Z",
    "dateUpdated": "2024-08-07T18:48:39.337Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2006-3885",
      "date": "2026-06-04",
      "epss": "0.01256",
      "percentile": "0.79714"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-3885\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-07-27T01:04:00.000\",\"lastModified\":\"2026-04-16T00:27:16.627\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de salto de directorio en Check Point Firewall-1 R55W anterior a HFA03 permite a atacantes remotos leer archivos de su elecci\u00f3n mediante un .. (punto punto) codificado en el URL en el puerto TCP 18264.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:firewall-1:r55w:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1975FDD7-C643-4B85-8238-723CADFCE227\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:firewall-1:r55w:hfa1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0A5C0EC-E233-477F-8F4E-6E65C9284DA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:firewall-1:r55w:hfa2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A55D2D38-3D40-4163-B5A2-2186612C0AB3\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/21200\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityreason.com/securityalert/1290\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1016563\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/440990/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/441495/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/19136\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2965\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27937\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21200\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityreason.com/securityalert/1290\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1016563\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/440990/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/441495/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/19136\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2965\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27937\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2006-3885

Vulnerability from fkie_nvd - Published: 2006-07-27 01:04 - Updated: 2026-04-16 00:27

Severity

Summary

Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/21200
cve@mitre.org	http://securityreason.com/securityalert/1290
cve@mitre.org	http://securitytracker.com/id?1016563
cve@mitre.org	http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html
cve@mitre.org	http://www.securityfocus.com/archive/1/440990/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/441495/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/19136	Exploit, Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2006/2965
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/27937
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21200
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/1290
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016563
af854a3a-2127-422b-91ae-364da2661108	http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/440990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/441495/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/19136	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2965
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/27937

Impacted products

Vendor	Product	Version
checkpoint	firewall-1	r55w
checkpoint	firewall-1	r55w
checkpoint	firewall-1	r55w

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:checkpoint:firewall-1:r55w:*:*:*:*:*:*:*",
              "matchCriteriaId": "1975FDD7-C643-4B85-8238-723CADFCE227",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:firewall-1:r55w:hfa1:*:*:*:*:*:*",
              "matchCriteriaId": "B0A5C0EC-E233-477F-8F4E-6E65C9284DA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:firewall-1:r55w:hfa2:*:*:*:*:*:*",
              "matchCriteriaId": "A55D2D38-3D40-4163-B5A2-2186612C0AB3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en Check Point Firewall-1 R55W anterior a HFA03 permite a atacantes remotos leer archivos de su elecci\u00f3n mediante un .. (punto punto) codificado en el URL en el puerto TCP 18264."
    }
  ],
  "id": "CVE-2006-3885",
  "lastModified": "2026-04-16T00:27:16.627",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-07-27T01:04:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/21200"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/1290"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016563"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/440990/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/441495/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/19136"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/2965"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/1290"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016563"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/440990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/441495/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/19136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/2965"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27937"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-3JMM-5P7R-97G4

Vulnerability from github – Published: 2022-05-01 07:13 – Updated: 2022-05-01 07:13

Details

Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-3885"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-07-27T01:04:00Z",
    "severity": "MODERATE"
  },
  "details": "Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264.",
  "id": "GHSA-3jmm-5p7r-97g4",
  "modified": "2022-05-01T07:13:20Z",
  "published": "2022-05-01T07:13:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3885"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27937"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21200"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/1290"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016563"
    },
    {
      "type": "WEB",
      "url": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/440990/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/441495/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/19136"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/2965"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2006-3885

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264.

Aliases

CVE-2006-3885

Aliases

CVE-2006-3885

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-3885",
    "description": "Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264.",
    "id": "GSD-2006-3885"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-3885"
      ],
      "details": "Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264.",
      "id": "GSD-2006-3885",
      "modified": "2023-12-13T01:19:56.942397Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-3885",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20060726 Re: Check Point R55W Directory Traversal",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/441495/100/0/threaded"
          },
          {
            "name": "fw1-encoded-characters-directory-traversal(27937)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27937"
          },
          {
            "name": "1290",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/1290"
          },
          {
            "name": "20060724 Check Point R55W Directory Traversal",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/440990/100/0/threaded"
          },
          {
            "name": "19136",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/19136"
          },
          {
            "name": "21200",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21200"
          },
          {
            "name": "1016563",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016563"
          },
          {
            "name": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html",
            "refsource": "MISC",
            "url": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html"
          },
          {
            "name": "ADV-2006-2965",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/2965"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:firewall-1:r55w:hfa2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:firewall-1:r55w:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:checkpoint:firewall-1:r55w:hfa1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3885"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html"
            },
            {
              "name": "19136",
              "refsource": "BID",
              "tags": [
                "Exploit",
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/19136"
            },
            {
              "name": "21200",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21200"
            },
            {
              "name": "1016563",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016563"
            },
            {
              "name": "1290",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/1290"
            },
            {
              "name": "ADV-2006-2965",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/2965"
            },
            {
              "name": "fw1-encoded-characters-directory-traversal(27937)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27937"
            },
            {
              "name": "20060726 Re: Check Point R55W Directory Traversal",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/441495/100/0/threaded"
            },
            {
              "name": "20060724 Check Point R55W Directory Traversal",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/440990/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-17T21:32Z",
      "publishedDate": "2006-07-27T01:04Z"
    }
  }
}

VAR-200607-0417

Vulnerability from variot - Updated: 2025-04-03 19:42

Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264. Checkpoint FireWall-1 is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. Information obtained may aid in further attacks. R55W HFA2 and prior versions are vulnerable to this issue. Check Point Firewall-1 is a high-performance firewall. This vulnerability can be exploited via basic HEX-encoded directory traversal strings.

Hardcore Disassembler / Reverse Engineer Wanted!

Want to work with IDA and BinDiff? Want to write PoC's and Exploits?

Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation compensation package.

http://secunia.com/hardcore_disassembler_and_reverse_engineer/

TITLE: Check Point VPN/Firewall Directory Traversal Vulnerability

SECUNIA ADVISORY ID: SA21200

VERIFY ADVISORY: http://secunia.com/advisories/21200/

CRITICAL: Moderately critical

IMPACT: Exposure of sensitive information

WHERE:

From remote

SOFTWARE: Check Point VPN-1/FireWall-1 NG with Application Intelligence (AI) http://secunia.com/product/2542/

DESCRIPTION: Pete Foster has reported a vulnerability in Check Point VPN-1/Firewall-1, which can be exploited by malicious people to disclose certain sensitive information.

An input validation error in the hard coded web server (port 18264/TCP) can be exploited to disclose the contents of certain files via directory traversal attacks.

SOLUTION: The vulnerability has reportedly been fixed in version R55W HFA03.

PROVIDED AND/OR DISCOVERED BY: Pete Foster

ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2006-07/0419.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "firewall-1",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "checkpoint",
        "version": "r55w"
      },
      {
        "_id": null,
        "model": "firewall-1",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "check point",
        "version": "r55w"
      },
      {
        "_id": null,
        "model": "firewall-1",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "check point",
        "version": "hfa03"
      },
      {
        "_id": null,
        "model": "point software firewall-1 r55w hfa2",
        "scope": null,
        "trust": 0.3,
        "vendor": "check",
        "version": null
      },
      {
        "_id": null,
        "model": "point software firewall-1 r55w hfa1",
        "scope": null,
        "trust": 0.3,
        "vendor": "check",
        "version": null
      },
      {
        "_id": null,
        "model": "point software firewall-1 r55w",
        "scope": null,
        "trust": 0.3,
        "vendor": "check",
        "version": null
      },
      {
        "_id": null,
        "model": "point software firewall-1 r55w hfa3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "check",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "19136"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002923"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-451"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3885"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:checkpoint:firewall-1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002923"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Pete Foster pete@sec-tec.demon.co.uk",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-451"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-3885",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2006-3885",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-19993",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2006-3885",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2006-3885",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200607-451",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-19993",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19993"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002923"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-451"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3885"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264. Checkpoint FireWall-1 is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. Information obtained may aid in further attacks. \nR55W HFA2 and prior versions are vulnerable to this issue. Check Point Firewall-1 is a high-performance firewall. This vulnerability can be exploited via basic HEX-encoded directory traversal strings. \n\n----------------------------------------------------------------------\n\nHardcore Disassembler / Reverse Engineer Wanted!\n\nWant to work with IDA and BinDiff?\nWant to write PoC\u0027s and Exploits?\n\nYour nationality is not important. \nWe will get you a work permit, find an apartment, and offer a\nrelocation compensation package. \n\nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\nCheck Point VPN/Firewall Directory Traversal Vulnerability\n\nSECUNIA ADVISORY ID:\nSA21200\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/21200/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nExposure of sensitive information\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nCheck Point VPN-1/FireWall-1 NG with Application Intelligence (AI)\nhttp://secunia.com/product/2542/\n\nDESCRIPTION:\nPete Foster has reported a vulnerability in Check Point\nVPN-1/Firewall-1, which can be exploited by malicious people to\ndisclose certain sensitive information. \n\nAn input validation error in the hard coded web server (port\n18264/TCP) can be exploited to disclose the contents of certain files\nvia directory traversal attacks. \n\nSOLUTION:\nThe vulnerability has reportedly been fixed in version R55W HFA03. \n\nPROVIDED AND/OR DISCOVERED BY:\nPete Foster\n\nORIGINAL ADVISORY:\nhttp://archives.neohapsis.com/archives/bugtraq/2006-07/0419.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-3885"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002923"
      },
      {
        "db": "BID",
        "id": "19136"
      },
      {
        "db": "VULHUB",
        "id": "VHN-19993"
      },
      {
        "db": "PACKETSTORM",
        "id": "48608"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2006-3885",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "19136",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "21200",
        "trust": 1.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-2965",
        "trust": 1.7
      },
      {
        "db": "SREASON",
        "id": "1290",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1016563",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002923",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-451",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "27937",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "1",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20060726 RE: CHECK POINT R55W DIRECTORY TRAVERSAL",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20060724 CHECK POINT R55W DIRECTORY TRAVERSAL",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-19993",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "48608",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19993"
      },
      {
        "db": "BID",
        "id": "19136"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002923"
      },
      {
        "db": "PACKETSTORM",
        "id": "48608"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-451"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3885"
      }
    ]
  },
  "id": "VAR-200607-0417",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19993"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-03T19:42:49.238000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Latest Hotfix Accumulators (HFAs)",
        "trust": 0.8,
        "url": "http://www.checkpoint.com/downloads/latest/hfa/index.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002923"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-3885"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/19136"
      },
      {
        "trust": 1.7,
        "url": "http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1016563"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/21200"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/1290"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/440990/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/441495/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2006/2965"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27937"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3885"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3885"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/27937"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2006/2965"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/440990/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/441495/100/0/threaded"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/440990"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/21200/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2006-07/0419.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2542/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19993"
      },
      {
        "db": "BID",
        "id": "19136"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002923"
      },
      {
        "db": "PACKETSTORM",
        "id": "48608"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-451"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3885"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-19993",
        "ident": null
      },
      {
        "db": "BID",
        "id": "19136",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002923",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "48608",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-451",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3885",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2006-07-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-19993",
        "ident": null
      },
      {
        "date": "2006-07-24T00:00:00",
        "db": "BID",
        "id": "19136",
        "ident": null
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-002923",
        "ident": null
      },
      {
        "date": "2006-07-28T01:04:26",
        "db": "PACKETSTORM",
        "id": "48608",
        "ident": null
      },
      {
        "date": "2006-07-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200607-451",
        "ident": null
      },
      {
        "date": "2006-07-27T01:04:00",
        "db": "NVD",
        "id": "CVE-2006-3885",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-10-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-19993",
        "ident": null
      },
      {
        "date": "2006-07-27T22:57:00",
        "db": "BID",
        "id": "19136",
        "ident": null
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-002923",
        "ident": null
      },
      {
        "date": "2006-07-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200607-451",
        "ident": null
      },
      {
        "date": "2025-04-03T01:03:51.193000",
        "db": "NVD",
        "id": "CVE-2006-3885",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-451"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Check Point Firewall-1 R55W Vulnerable to directory traversal",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002923"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "path traversal",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-451"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-3885 (GCVE-0-2006-3885)

FKIE_CVE-2006-3885

GHSA-3JMM-5P7R-97G4

GSD-2006-3885

VAR-200607-0417

Tags

Sightings

Nomenclature