CVE-2006-0917
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2006-0917
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Melange Chat Server (aka M-Chat), when accessed via a web browser, automatically sends cookies and other sensitive information for a server to any port specified in the associated link, which allows local users on that server to read the cookies from HTTP headers and possibly gain sensitive information, such as credentials, by setting up a listening port and reading the credentials when the victim clicks on the link.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Melange Chat会话层报头信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
在通过web浏览器访问Melange Chat Server(即M-Chat)时,Melange Chat Server会将服务器的cookies和其他敏感信息自动发送到相关链接中指定的任意端口,从而可使该服务器上的本地用户通过设置侦听端口并在受害用户点击链接时读取凭证,而从HTTP报头中读取cookies,并可能获取敏感信息(如凭证)。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2006-0917
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2006-0917
请登录查看更多情报信息。
- http://www.oh2600.com/forum/viewtopic.php?t=43x_refsource_MISC
- grab cookie information with Melange Chat Server 1.10 - CXSecurity.comthird-party-advisoryx_refsource_SREASON
- https://nvd.nist.gov/vuln/detail/CVE-2006-0917
Same Patch Batch · n/a · 2006-02-28 · 35 CVEs total
| CVE-2006-0936 | FreeHostShop Website Generator任意文件上传漏洞 | |
| CVE-2006-0928 | ArGoSoft Mail Server Pro POP3 Server远程信息泄露漏洞 | |
| CVE-2006-0929 | ArGoSoft Mail Server Pro IMAP Server远程目录遍历漏洞 | |
| CVE-2006-0930 | ArGoSoft Mail Server Webmail 目录遍历漏洞 | |
| CVE-2006-0931 | PHP PEAR::Archive_Tar 目录遍历漏洞 | |
| CVE-2006-0932 | Archive_Zip zip.lib.php 目录遍历漏洞 | |
| CVE-2006-0933 | PHPX 跨站脚本攻击漏洞 | |
| CVE-2006-0934 | WEBInsta Limbo 跨站脚本攻击漏洞 | |
| CVE-2006-0935 | Microsoft Word 拒绝服务漏洞 | |
| CVE-2006-0927 | Woltlab Burning Board多个跨站点脚本攻击漏洞 | |
| CVE-2006-0937 | U.N.U. Mailgust index.php 信息泄露漏洞 | |
| CVE-2006-0906 | D3Jeeb多个SQL注入漏洞 | |
| CVE-2006-0907 | PHP-Nuke SQL注入漏洞 | |
| CVE-2006-0908 | PHP-Nuke "ad_click"的/%2a (/*)SQL注入漏洞 | |
| CVE-2003-0885 | Xscreensaver漏洞 | |
| CVE-2003-1294 | SuSE XScreenSaver多个安全漏洞 | |
| CVE-2003-1295 | SuSE XScreenSaver多个安全漏洞 | |
| CVE-2006-0919 | Email Marketing System index.php SQL注入漏洞 | |
| CVE-2006-0910 | Invision Power Board (IPB) 多个目录敏感信息泄露漏洞 | |
| CVE-2006-0911 | Ipswitch WhatsUp Professional 2006远程拒绝服务漏洞 |
Showing top 20 of 35 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2006-0917
No comments yet