Описание
ownCloud 4.0.x before 4.0.10 and 4.5.x before 4.5.5 does not properly restrict access to settings.php, which allows remote attackers to edit app configurations of user_webdavauth and user_ldap by editing this file.
ownCloud 4.0.x before 4.0.10 and 4.5.x before 4.5.5 does not properly restrict access to settings.php, which allows remote attackers to edit app configurations of user_webdavauth and user_ldap by editing this file.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-5665
- https://github.com/owncloud/core/commit/c4ecbad
- https://github.com/owncloud/core/commit/db7ca53
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80808
- http://owncloud.org/changelog
- http://secunia.com/advisories/51614
- http://www.openwall.com/lists/oss-security/2012/12/22/2
- http://www.openwall.com/lists/oss-security/2012/12/22/5
- http://www.securityfocus.com/bid/57030
EPSS
CVE ID
Связанные уязвимости
ownCloud 4.0.x before 4.0.10 and 4.5.x before 4.5.5 does not properly restrict access to settings.php, which allows remote attackers to edit app configurations of user_webdavauth and user_ldap by editing this file.
ownCloud 4.0.x before 4.0.10 and 4.5.x before 4.5.5 does not properly restrict access to settings.php, which allows remote attackers to edit app configurations of user_webdavauth and user_ldap by editing this file.
ownCloud 4.0.x before 4.0.10 and 4.5.x before 4.5.5 does not properly ...
EPSS