Unrated severityNVD Advisory· Published Jul 7, 2006· Updated Jun 16, 2026
CVE-2006-3425
CVE-2006-3425
Description
FastPatch for (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1, and (b) Novell ZENworks 6.2 SR1 and earlier, does not require authentication for dagent/proxyreg.asp, which allows remote attackers to list, add, or delete PatchLink Distribution Point (PDP) proxy servers via modified (1) List, (2) Proxy, or (3) Delete parameters.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:lumension:patchlink_update_server:6.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:lumension:patchlink_update_server:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:lumension:patchlink_update_server:6.2.0.181:*:*:*:*:*:*:*
- cpe:2.3:a:lumension:patchlink_update_server:6.2.0.189:*:*:*:*:*:*:*
- Range: <6.1 P1, 6.2.x <6.2 SR1 P1
Patches
Vulnerability mechanics
References
9- secunia.com/advisories/20876nvdPatchVendor Advisory
- secunia.com/advisories/20878nvdPatchVendor Advisory
- securitytracker.com/idnvdPatch
- lists.grok.org.uk/pipermail/full-disclosure/2006-June/047495.htmlnvd
- securityreason.com/securityalert/1200nvd
- www.securityfocus.com/archive/1/438710/100/0/threadednvd
- www.securityfocus.com/bid/18723nvd
- www.vupen.com/english/advisories/2006/2595nvd
- www.vupen.com/english/advisories/2006/2596nvd
News mentions
0No linked articles in our index yet.