Back to search
CVE-2006-3425
Published: Jul 7, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
FastPatch for (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1, and (b) Novell ZENworks 6.2 SR1 and earlier, does not require authentication for dagent/proxyreg.asp, which allows remote attackers to list, add, or delete PatchLink Distribution Point (PDP) proxy servers via modified (1) List, (2) Proxy, or (3) Delete parameters.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20060629 Multiple Vulnerabilities in PatchLink Update Server 6
mailing-list
x_refsource_FULLDISC
20060629 Multiple Vulnerabilities in PatchLink Update Server 6
mailing-list
x_refsource_BUGTRAQ
20876
third-party-advisory
x_refsource_SECUNIA
20878
third-party-advisory
x_refsource_SECUNIA
1200
third-party-advisory
x_refsource_SREASON
ADV-2006-2596
vdb-entry
x_refsource_VUPEN
ADV-2006-2595
vdb-entry
x_refsource_VUPEN
1016405
vdb-entry
x_refsource_SECTRACK
18723
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now