Stanford Conference And Research Forum Authentication Bypass Vulnerability
BID:20934
Info
Stanford Conference And Research Forum Authentication Bypass Vulnerability
| Bugtraq ID: | 20934 |
| Class: | Access Validation Error |
| CVE: |
CVE-2006-5909 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 06 2006 12:00AM |
| Updated: | Jul 06 2016 02:40PM |
| Credit: | navairum is credited with the discovery of this issue. |
| Vulnerable: |
Stanford University Stanford Conference And Research Forum beta |
| Not Vulnerable: | |
Discussion
Stanford Conference And Research Forum Authentication Bypass Vulnerability
Stanford Conference And Research Forum is prone to an authentication-bypass vulnerability due to an insufficient authentication check.
Attackers could leverage this issue to access or modify sensitive data and escalate user privileges.
Stanford Conference And Research Forum is prone to an authentication-bypass vulnerability due to an insufficient authentication check.
Attackers could leverage this issue to access or modify sensitive data and escalate user privileges.
Exploit / POC
Stanford Conference And Research Forum Authentication Bypass Vulnerability
Attackers can exploit this issue via a web client.
Attackers can exploit this issue via a web client.
Solution / Fix
Stanford Conference And Research Forum Authentication Bypass Vulnerability
Solution:
This issue has been addressed by the vendor. Please see the references for more information.
Stanford University Stanford Conference And Research Forum beta
Solution:
This issue has been addressed by the vendor. Please see the references for more information.
Stanford University Stanford Conference And Research Forum beta
-
Stanford University scarf-beta.tgz
http://prdownloads.sourceforge.net/scarf/scarf-beta.tgz?download
References
Stanford Conference And Research Forum Authentication Bypass Vulnerability
References:
References:
- SCARF Homepage (Stanford University)
- Re: Stanford university SCARF user editing ([email protected])
- Stanford university SCARF user editing (navairum)