Vulnerabilities > CVE-2006-2169 - Information Disclosure vulnerability in Best Practical Solutions Request Tracker 3.5.Head

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

best-practical-solutions

NVD

Published: 2006-05-04

Updated: 2017-07-20

Summary

RT: Request Tracker 3.5.HEAD allows remote attackers to obtain sensitive information via the Rows parameter in Dist/Display.html, which reveals the installation path in an error message.

Vulnerable Configurations

Part	Description	Count
Application	Best_Practical_Solutions Best Practical Solutions Request Tracker 3.5.Head	1

References

http://pridels0.blogspot.com/2006/04/rt-request-tracker-vuln.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/26164