NewsBruiser Comment System Security Restrictions Bypass Vulnerability
BID:12579
Info
NewsBruiser Comment System Security Restrictions Bypass Vulnerability
| Bugtraq ID: | 12579 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 17 2005 12:00AM |
| Updated: | Feb 17 2005 12:00AM |
| Credit: | Discovery is credited to Jarno. |
| Vulnerable: |
NewsBruiser NewsBruiser 2.6 NewsBruiser NewsBruiser 2.5 NewsBruiser NewsBruiser 2.4.1 NewsBruiser NewsBruiser 2.4 NewsBruiser NewsBruiser 2.3 NewsBruiser NewsBruiser 2.2 NewsBruiser NewsBruiser 2.1 NewsBruiser NewsBruiser 2.0 |
| Not Vulnerable: |
NewsBruiser NewsBruiser 2.6.1 |
Discussion
NewsBruiser Comment System Security Restrictions Bypass Vulnerability
NewsBruiser is reported prone to a security restriction bypass vulnerability. A remote attacker may delete or approve comments on a site adversely affecting the availability or integrity of data.
NewsBruiser 2.6.0 and prior versions are affected by this issue.
NewsBruiser is reported prone to a security restriction bypass vulnerability. A remote attacker may delete or approve comments on a site adversely affecting the availability or integrity of data.
NewsBruiser 2.6.0 and prior versions are affected by this issue.
Exploit / POC
NewsBruiser Comment System Security Restrictions Bypass Vulnerability
An exploit is likely not required.
An exploit is likely not required.
Solution / Fix
NewsBruiser Comment System Security Restrictions Bypass Vulnerability
Solution:
The vendor has released NewsBruiser 2.6.1 to address this issue.
NewsBruiser NewsBruiser 2.0
NewsBruiser NewsBruiser 2.1
NewsBruiser NewsBruiser 2.2
NewsBruiser NewsBruiser 2.3
NewsBruiser NewsBruiser 2.4
NewsBruiser NewsBruiser 2.4.1
NewsBruiser NewsBruiser 2.5
NewsBruiser NewsBruiser 2.6
Solution:
The vendor has released NewsBruiser 2.6.1 to address this issue.
NewsBruiser NewsBruiser 2.0
-
NewsBruiser NewsBruiser-2.6.1.tar.gz
http://newsbruiser.tigris.org/files/documents/158/20687/NewsBruiser-2. 6.1.tar.gz
NewsBruiser NewsBruiser 2.1
-
NewsBruiser NewsBruiser-2.6.1.tar.gz
http://newsbruiser.tigris.org/files/documents/158/20687/NewsBruiser-2. 6.1.tar.gz
NewsBruiser NewsBruiser 2.2
-
NewsBruiser NewsBruiser-2.6.1.tar.gz
http://newsbruiser.tigris.org/files/documents/158/20687/NewsBruiser-2. 6.1.tar.gz
NewsBruiser NewsBruiser 2.3
-
NewsBruiser NewsBruiser-2.6.1.tar.gz
http://newsbruiser.tigris.org/files/documents/158/20687/NewsBruiser-2. 6.1.tar.gz
NewsBruiser NewsBruiser 2.4
-
NewsBruiser NewsBruiser-2.6.1.tar.gz
http://newsbruiser.tigris.org/files/documents/158/20687/NewsBruiser-2. 6.1.tar.gz
NewsBruiser NewsBruiser 2.4.1
-
NewsBruiser NewsBruiser-2.6.1.tar.gz
http://newsbruiser.tigris.org/files/documents/158/20687/NewsBruiser-2. 6.1.tar.gz
NewsBruiser NewsBruiser 2.5
-
NewsBruiser NewsBruiser-2.6.1.tar.gz
http://newsbruiser.tigris.org/files/documents/158/20687/NewsBruiser-2. 6.1.tar.gz
NewsBruiser NewsBruiser 2.6
-
NewsBruiser NewsBruiser-2.6.1.tar.gz
http://newsbruiser.tigris.org/files/documents/158/20687/NewsBruiser-2. 6.1.tar.gz
References
NewsBruiser Comment System Security Restrictions Bypass Vulnerability
References:
References:
- NewsBruiser Home Page (NewsBruiser)