Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2008-1475
Description:The xml-rpc server in Roundup 1.4.4 does not check property permissions, which allows attackers to bypass restrictions and edit or read restricted properties via the (1) list, (2) display, and (3) set methods.
Test IDs: 1.3.6.1.4.1.25623.1.0.61893   1.3.6.1.4.1.25623.1.0.61888  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-1475
BugTraq ID: 28238
http://www.securityfocus.com/bid/28238
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00264.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00375.html
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00452.html
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00478.html
http://security.gentoo.org/glsa/glsa-200805-21.xml
https://bugzilla.redhat.com/show_bug.cgi?id=436546
http://secunia.com/advisories/29336
http://secunia.com/advisories/29375
http://secunia.com/advisories/30274
http://secunia.com/advisories/32805
http://www.vupen.com/english/advisories/2008/0891
XForce ISS Database: roundup-xmlrpc-security-bypass(41240)
https://exchange.xforce.ibmcloud.com/vulnerabilities/41240




© 1998-2024 E-Soft Inc. All rights reserved.