CVE-2006-4959
https://notcve.org/view.php?id=CVE-2006-4959
Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available. Sun Secure Global Desktop (SSGD, también conocido como Tarantella) anterior a 4.3 permite a un atacante remoto obtener información sensible, incluyendo el nombre del servidor, versiones, y detalles de configuración, a través de vectores no especificados, posiblemente afecte a 1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, o (7) test-cgi. NOTA: Esta información esta basa en una información inicial. • http://secunia.com/advisories/22037 http://securityreason.com/securityalert/1623 http://securitytracker.com/id?1016900 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555 http://www.securityfocus.com/archive/1/446566/100/0/threaded http://www.securityfocus.com/bid/20135 http://www.vupen.com/english/advisories/2006/3739 https://exchange.xforce.ibmcloud.com/vulnerabilities/29076 •
CVE-2006-4958
https://notcve.org/view.php?id=CVE-2006-4958
Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.20.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Sun Secure Global Desktop (SSGD, también conocido como Tarantella) anterior a 4.20.983 permite a un atacante remoto inyectar secuencias de comandos web o HTML de su elección a través de vectores no especificados, posiblemente afecte a (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, o (7) test-cgi. NOTA: Esta información se basa sobre en una información básica. • http://secunia.com/advisories/22037 http://securityreason.com/securityalert/1623 http://securitytracker.com/id?1016900 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102650-1 http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555 http://www.securityfocus.com/archive/1/446566/100/0/threaded http://www.securityfocus.com/bid/20135 http://www.securityfocus.com/bid/20276 http://www.vupen.com/english/advisorie •