CVE-2008-1475
N/A
N/A
Summary
The xml-rpc server in Roundup 1.4.4 does not check property permissions, which allows attackers to bypass restrictions and edit or read restricted properties via the (1) list, (2) display, and (3) set methods.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://secunia.com/advisories/30274
- https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00478.html
- http://www.securityfocus.com/bid/28238
- http://security.gentoo.org/glsa/glsa-200805-21.xml
- http://secunia.com/advisories/29336
- http://sourceforge.net/tracker/index.php?func=detail&aid=1907211&group_id=31577&atid=402788
- https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00452.html
- https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00375.html
- https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00264.html
- http://secunia.com/advisories/32805
- http://secunia.com/advisories/29375
- https://bugzilla.redhat.com/show_bug.cgi?id=436546
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41240
- http://www.vupen.com/english/advisories/2008/0891
References
- http://secunia.com/advisories/30274
- https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00478.html
- http://www.securityfocus.com/bid/28238
- http://security.gentoo.org/glsa/glsa-200805-21.xml
- http://secunia.com/advisories/29336
- http://sourceforge.net/tracker/index.php?func=detail&aid=1907211&group_id=31577&atid=402788
- https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00452.html
- https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00375.html
- https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00264.html
- http://secunia.com/advisories/32805
- http://secunia.com/advisories/29375
- https://bugzilla.redhat.com/show_bug.cgi?id=436546
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41240
- http://www.vupen.com/english/advisories/2008/0891
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.