CVE-2006-1654 - Vulnerability Details - OpenCVE

Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hp	Color Laserjet Color Laserjet 2500 Color Laserjet 2500 Toolbox Color Laserjet 2500l Color Laserjet 2500lse Color Laserjet 2500n Color Laserjet 2500tn Color Laserjet 4600 Color Laserjet 4600 Toolbox

Configuration 1 [-]

OR	cpe:2.3:a:hp:color_laserjet_2500_toolbox::::::::
	cpe:2.3:a:hp:color_laserjet_4600_toolbox::::::::
	cpe:2.3:h:hp:color_laserjet:4600dn:::::::*
	cpe:2.3:h:hp:color_laserjet:4600dtn:::::::*
	cpe:2.3:h:hp:color_laserjet:4600hdn:::::::*
	cpe:2.3:h:hp:color_laserjet_2500::::::::
	cpe:2.3:h:hp:color_laserjet_2500l::::::::
	cpe:2.3:h:hp:color_laserjet_2500lse::::::::
	cpe:2.3:h:hp:color_laserjet_2500n::::::::
	cpe:2.3:h:hp:color_laserjet_2500tn::::::::
	cpe:2.3:h:hp:color_laserjet_4600::::::::

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0085.html
http://secunia.com/advisories/19529
http://securitytracker.com/id?1015862
http://www.osvdb.org/24396
http://www.securityfocus.com/archive/1/429893/100/0/threaded
http://www.securityfocus.com/archive/1/429984/100/0/threaded
http://www.securityfocus.com/bid/17367
http://www.vupen.com/english/advisories/2006/1230
https://exchange.xforce.ibmcloud.com/vulnerabilities/25627

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-04-06T10:00:00

Updated: 2024-08-07T17:19:49.234Z

Reserved: 2006-04-06T00:00:00

Link: CVE-2006-1654

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-04-06T10:04:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2006-1654

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-04-02T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20060404 [SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/429984/100/0/threaded"}, {"name": "24396", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/24396"}, {"name": "17367", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/17367"}, {"name": "20060404 [SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0085.html"}, {"name": "hp-laserjet-toolbox-directory-traversal(25627)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25627"}, {"name": "19529", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19529"}, {"name": "1015862", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1015862"}, {"name": "HPSBPI2109", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://www.securityfocus.com/archive/1/429893/100/0/threaded"}, {"name": "SSRT061141", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://www.securityfocus.com/archive/1/429893/100/0/threaded"}, {"name": "ADV-2006-1230", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1230"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2006-1654", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20060404 [SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/429984/100/0/threaded"}, {"name": "24396", "refsource": "OSVDB", "url": "http://www.osvdb.org/24396"}, {"name": "17367", "refsource": "BID", "url": "http://www.securityfocus.com/bid/17367"}, {"name": "20060404 [SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability", "refsource": "FULLDISC", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0085.html"}, {"name": "hp-laserjet-toolbox-directory-traversal(25627)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25627"}, {"name": "19529", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19529"}, {"name": "1015862", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015862"}, {"name": "HPSBPI2109", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/429893/100/0/threaded"}, {"name": "SSRT061141", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/429893/100/0/threaded"}, {"name": "ADV-2006-1230", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1230"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T17:19:49.234Z"}, "title": "CVE Program Container", "references": [{"name": "20060404 [SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/429984/100/0/threaded"}, {"name": "24396", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/24396"}, {"name": "17367", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/17367"}, {"name": "20060404 [SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0085.html"}, {"name": "hp-laserjet-toolbox-directory-traversal(25627)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25627"}, {"name": "19529", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19529"}, {"name": "1015862", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1015862"}, {"name": "HPSBPI2109", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/429893/100/0/threaded"}, {"name": "SSRT061141", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/429893/100/0/threaded"}, {"name": "ADV-2006-1230", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1230"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-1654", "datePublished": "2006-04-06T10:00:00", "dateReserved": "2006-04-06T00:00:00", "dateUpdated": "2024-08-07T17:19:49.234Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hp:color_laserjet_2500_toolbox:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A304024-34D2-42C3-98F4-6BE6BEEEE380", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:color_laserjet_4600_toolbox:*:*:*:*:*:*:*:*", "matchCriteriaId": "93C88DC2-EAE6-443A-BAF2-78943D1F88C5", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet:4600dn:*:*:*:*:*:*:*", "matchCriteriaId": "B99CE20D-49C1-4F5B-9C38-9CAE666A291B", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet:4600dtn:*:*:*:*:*:*:*", "matchCriteriaId": "43DEF370-33FF-427F-A18B-7256856F7231", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet:4600hdn:*:*:*:*:*:*:*", "matchCriteriaId": "001EEE62-31B1-40AC-81BC-A75D75798887", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_2500:*:*:*:*:*:*:*:*", "matchCriteriaId": "C2E92501-3E8C-4E61-9B65-87A7344747E4", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_2500l:*:*:*:*:*:*:*:*", "matchCriteriaId": "16651605-4616-44F8-8401-8DD057932BBA", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_2500lse:*:*:*:*:*:*:*:*", "matchCriteriaId": "8ADB9132-CEF5-47A0-AC21-BE6B7F89B166", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_2500n:*:*:*:*:*:*:*:*", "matchCriteriaId": "CEB99C79-1DB4-4545-8457-515B1F9F484B", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_2500tn:*:*:*:*:*:*:*:*", "matchCriteriaId": "95B58AD8-F848-4286-8AB4-A8EA0372D5D2", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_4600:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6A133B7-AEA8-4F26-8632-2CEDE9EBB66E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225."}], "id": "CVE-2006-1654", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-04-06T10:04:00.000", "references": [{"source": "[email protected]", "tags": ["Exploit", "Patch"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0085.html"}, {"source": "[email protected]", "url": "http://secunia.com/advisories/19529"}, {"source": "[email protected]", "tags": ["Exploit", "Patch"], "url": "http://securitytracker.com/id?1015862"}, {"source": "[email protected]", "url": "http://www.osvdb.org/24396"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/archive/1/429893/100/0/threaded"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/archive/1/429893/100/0/threaded"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/archive/1/429984/100/0/threaded"}, {"source": "[email protected]", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/17367"}, {"source": "[email protected]", "url": "http://www.vupen.com/english/advisories/2006/1230"}, {"source": "[email protected]", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25627"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0085.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19529"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://securitytracker.com/id?1015862"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/24396"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/429893/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/429893/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/429984/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/17367"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1230"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25627"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "[email protected]", "type": "Primary"}]}