Описание
Domain Technologie Control (DTC) before 0.32.9 does not require authentication for (1) admin/bw_per_month.php and (2) client/bw_per_month.php, which allows remote attackers to obtain potentially sensitive bandwidth information via a direct request.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 0.32.10-1 |
| hardy | released | 0.25.3-2ubuntu1.1 |
| karmic | released | 0.29.17-1+lenny1build0.9.10.1 |
| lucid | released | 0.30.10-1ubuntu1 |
| maverick | released | 0.30.18-1ubuntu1 |
| upstream | released | 0.32.10-1 |
Показывать по
Ссылки на источники
5 Medium
CVSS2
Связанные уязвимости
Domain Technologie Control (DTC) before 0.32.9 does not require authentication for (1) admin/bw_per_month.php and (2) client/bw_per_month.php, which allows remote attackers to obtain potentially sensitive bandwidth information via a direct request.
Domain Technologie Control (DTC) before 0.32.9 does not require authen ...
Domain Technologie Control (DTC) before 0.32.9 does not require authentication for (1) admin/bw_per_month.php and (2) client/bw_per_month.php, which allows remote attackers to obtain potentially sensitive bandwidth information via a direct request.
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
5 Medium
CVSS2