Описание
PEAR::Auth potential authentication bypass vulnerability
Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers."
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-0868
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24854
- https://web.archive.org/web/20060315074736/http://securitytracker.com/alerts/2006/Feb/1015666.html
- https://web.archive.org/web/20060408105851/http://www.securityfocus.com/bid/16758
- https://web.archive.org/web/20201207144810/http://www.securityfocus.com/archive/1/425796/100/0/threaded
- http://pear.php.net/package/Auth/download/1.2.4
- http://pear.php.net/package/Auth/download/1.3.0r4
- http://www.gentoo.org/security/en/glsa/glsa-200603-13.xml
Пакеты
pear/auth
< 1.2.4
1.2.4
pear/auth
>= 1.3.0r1, < 1.3.0r4
1.3.0r4
EPSS
CVE ID
Связанные уязвимости
Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers."
Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers."
Multiple unspecified injection vulnerabilities in unspecified Auth Con ...
EPSS