Vulnerabilities > CVE-2006-0174 - Multiple vulnerability in Hummingbird Collaboration and Enterprise Collaboration
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to obtain sensitive information (intranet IP addresses and enumerations of valid parameter values) via a direct request to hc, which reveals the information in an error message or a cookie.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 6 |
Exploit-Db
| description | Hummingbird Collaboration Application Cookie Internal Network Information Disclosure. CVE-2006-0174. Webapps exploit for cgi platform |
| id | EDB-ID:27062 |
| last seen | 2016-02-03 |
| modified | 2006-01-10 |
| published | 2006-01-10 |
| reporter | Luca Carettoni |
| source | https://www.exploit-db.com/download/27062/ |
| title | Hummingbird Collaboration Application Cookie Internal Network Information Disclosure |
References
- http://secunia.com/advisories/18411
- http://securityreason.com/securityalert/328
- http://www.securenetwork.it/advisories/sn-2006-01.html
- http://www.securityfocus.com/archive/1/421392/100/0/threaded
- http://www.securityfocus.com/bid/16195
- http://www.vupen.com/english/advisories/2006/0145
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24069