Vulnerabilities > CVE-2006-2221

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

local

low complexity

bitrock

process-one

NVD

Published: 2006-05-05

Updated: 2018-10-18

Summary

A third-party installer generation tool, possibly BitRock InstallBuilder, as used in products including Process-one ejabberd 1.1.1_1 and earlier, generates an installer that allows local users to cause a denial of service via a symlink attack on the bitrock_installer.log temporary file. NOTE: it is possible that this vulnerability is present in other products that use this installer. This vulnerability is addressed in the following product releases: Process-one, ejabberd, 1.1.1_2 BitRock, Install Builder, 3.7.0

Vulnerable Configurations

Part	Description	Count
Application	Bitrock Bitrock Install Builder *	1
Application	Process-One Process ONE Ejabberd 1.1.1.0 Process ONE Ejabberd 0.9 Process ONE Ejabberd 0.9.1 Process ONE Ejabberd 0.9.8 Process ONE Ejabberd 1.0.0 Process ONE Ejabberd 1.1.0 Process ONE Ejabberd 1.1.1 Process ONE Ejabberd 1.1.1.1	8

Vulnerabilities > CVE-2006-2221 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2006-2221"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2006-2221