CVE-2006-1386 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2006-1386

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

The (1) rdiff and (2) preview scripts in TWiki 4.0 and 4.0.1 ignore access control settings, which allows remote attackers to read restricted areas and access restricted content in TWiki topics.

Affected Software

Name	Vendor	Start Version	End Version
Twiki	Twiki	4.0 (including)	4.0 (including)
Twiki	Twiki	4.0.1 (including)	4.0.1 (including)

References

http://secunia.com/advisories/19410
http://securitytracker.com/id?1015843
http://twiki.org/cgi-bin/view/Codev/SecurityAlertTWiki4RdiffPreviewAccess
http://www.securityfocus.com/bid/17268
http://www.vupen.com/english/advisories/2006/1116
https://exchange.xforce.ibmcloud.com/vulnerabilities/25444