CVE-2006-1505

Sažetak

base_maintenance.php in Basic Analysis and Security Engine (BASE) before 1.2.4 (melissa), when running in standalone mode, allows remote attackers to bypass authentication, possibly by setting the standalone parameter to "yes".

Reference

http://cvs.sourceforge.net/viewcvs.py/secureideas/base-php4/docs/CHANGELOG?rev=1.233&view=markup
http://secunia.com/advisories/19510
http://www.osvdb.org/24101
http://www.securityfocus.com/bid/17354
http://www.vupen.com/english/advisories/2006/1192

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

08-03-2011 - 02:33

Objavljeno

30-03-2006 - 01:06