CVE-2010-1191

Sažetak

Sahana disaster management system 0.6.2.2, and possibly other versions, allows remote attackers to bypass intended access restrictions and disable administrator authentication via a direct request to stream.php in an acl_enable_acl action to the admin module.

Reference

http://secunia.com/advisories/39020
http://sourceforge.net/tracker/?func=detail&aid=2970786&group_id=127855&atid=709778
http://www.securityfocus.com/archive/1/510164/100/0/threaded

CVSS

Base:	6.4
Impact:	4.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:P/A:P

Zadnje važnije ažuriranje

10-10-2018 - 19:56

Objavljeno

31-03-2010 - 18:00