CVE-2006-4689
published 2006-11-14CVE-2006-4689: Unspecified vulnerability in the driver for the Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows…
PriorityP429medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
34.46%
98.2th percentile
Unspecified vulnerability in the driver for the Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to cause a denial of service (hang and reboot) via has unknown attack vectors, aka "NetWare Driver Denial of Service Vulnerability."
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_2003_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url DELETE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6155 [HIGH] ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url DELETE
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url DELETE"; flow:established,to_server; http.uri; content:"/addrating.php?"; nocase; content:"url="; nocase; content:"DELETE"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2006-6155; reference:url,www.frsirt.com/english/advisories/2006/4689; classtype:web-application-attack; sid:2007413; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_
Suricata
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url INSERT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6155 [HIGH] ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url INSERT
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url INSERT"; flow:established,to_server; http.uri; content:"/addrating.php?"; nocase; content:"url="; nocase; content:"INSERT"; nocase; content:"INTO"; nocase; distance:0; reference:cve,CVE-2006-6155; reference:url,www.frsirt.com/english/advisories/2006/4689; classtype:web-application-attack; sid:2007412; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_
Suricata
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd UPDATE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6155 [HIGH] ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd UPDATE
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd UPDATE"; flow:established,to_server; http.uri; content:"/addrating.php?"; nocase; content:"ipadd="; nocase; content:"UPDATE"; nocase; content:"SET"; nocase; distance:0; reference:cve,CVE-2006-6155; reference:url,www.frsirt.com/english/advisories/2006/4689; classtype:web-application-attack; sid:2007409; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, m
Suricata
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url UPDATE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6155 [HIGH] ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url UPDATE
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url UPDATE"; flow:established,to_server; http.uri; content:"/addrating.php?"; nocase; content:"url="; nocase; content:"UPDATE"; nocase; content:"SET"; nocase; distance:0; reference:cve,CVE-2006-6155; reference:url,www.frsirt.com/english/advisories/2006/4689; classtype:web-application-attack; sid:2007415; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_t
Suricata
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6155 [HIGH] ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd SELECT
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd SELECT"; flow:established,to_server; http.uri; content:"/addrating.php?"; nocase; content:"ipadd="; nocase; content:"SELECT"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2006-6155; reference:url,www.frsirt.com/english/advisories/2006/4689; classtype:web-application-attack; sid:2007404; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11,
Suricata
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url UNION SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6155 [HIGH] ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url UNION SELECT
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url UNION SELECT"; flow:established,to_server; http.uri; content:"/addrating.php?"; nocase; content:"url="; nocase; content:"UNION"; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2006-6155; reference:url,www.frsirt.com/english/advisories/2006/4689; classtype:web-application-attack; sid:2007411; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_
Suricata
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd ASCII
suricata·2010-07-30·CVSS 7.5
CVE-2006-6155 [HIGH] ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd ASCII
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd ASCII"; flow:established,to_server; http.uri; content:"/addrating.php?"; nocase; content:"ipadd="; nocase; content:"ASCII("; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2006-6155; reference:url,www.frsirt.com/english/advisories/2006/4689; classtype:web-application-attack; sid:2007408; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11,
Suricata
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6155 [HIGH] ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url SELECT
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url SELECT"; flow:established,to_server; http.uri; content:"/addrating.php?"; nocase; content:"url="; nocase; content:"SELECT"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2006-6155; reference:url,www.frsirt.com/english/advisories/2006/4689; classtype:web-application-attack; sid:2007410; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_
Suricata
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url ASCII
suricata·2010-07-30·CVSS 7.5
CVE-2006-6155 [HIGH] ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url ASCII
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php url ASCII"; flow:established,to_server; http.uri; content:"/addrating.php?"; nocase; content:"url="; nocase; content:"ASCII("; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2006-6155; reference:url,www.frsirt.com/english/advisories/2006/4689; classtype:web-application-attack; sid:2007414; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_
Suricata
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd UNION SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6155 [HIGH] ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd UNION SELECT
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd UNION SELECT"; flow:established,to_server; http.uri; content:"/addrating.php?"; nocase; content:"ipadd="; nocase; content:"UNION"; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2006-6155; reference:url,www.frsirt.com/english/advisories/2006/4689; classtype:web-application-attack; sid:2007405; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at
Suricata
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd DELETE
suricata·2010-07-30·CVSS 7.5
CVE-2006-6155 [HIGH] ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd DELETE
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd DELETE"; flow:established,to_server; http.uri; content:"/addrating.php?"; nocase; content:"ipadd="; nocase; content:"DELETE"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2006-6155; reference:url,www.frsirt.com/english/advisories/2006/4689; classtype:web-application-attack; sid:2007407; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11,
Suricata
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd INSERT
suricata·2010-07-30·CVSS 7.5
CVE-2006-6155 [HIGH] ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd INSERT
ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS HIOX Star Rating System Script (HSRS) SQL Injection Attempt -- addrating.php ipadd INSERT"; flow:established,to_server; http.uri; content:"/addrating.php?"; nocase; content:"ipadd="; nocase; content:"INSERT"; nocase; content:"INTO"; nocase; distance:0; reference:cve,CVE-2006-6155; reference:url,www.frsirt.com/english/advisories/2006/4689; classtype:web-application-attack; sid:2007406; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11,
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/22866http://securitytracker.com/id?1017224http://www.securityfocus.com/archive/1/451844/100/0/threadedhttp://www.securityfocus.com/bid/20984http://www.us-cert.gov/cas/techalerts/TA06-318A.htmlhttp://www.vupen.com/english/advisories/2006/4504https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-066https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A413http://secunia.com/advisories/22866http://securitytracker.com/id?1017224http://www.securityfocus.com/archive/1/451844/100/0/threadedhttp://www.securityfocus.com/bid/20984http://www.us-cert.gov/cas/techalerts/TA06-318A.htmlhttp://www.vupen.com/english/advisories/2006/4504https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-066https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A413
2006-11-14
Published