PT-2002-1182 · Geeklog · Geeklog

Publicado

2002-03-25

Atualizado

2008-09-05

CVE-2002-0096

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Geeklog version 1.3

Description The issue arises during the installation of Geeklog, where an extra group assignments record is created but not properly deleted. As a result, the first newly created user is inadvertently added to the GroupAdmin and UserAdmin groups, potentially granting them unintended administrative privileges.

Recommendations For Geeklog version 1.3, ensure that the extra group assignments record is manually deleted after installation to prevent unintended administrative access.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-0096

Produtos afetados

Geeklog

PT-2002-1182 · Geeklog · Geeklog

CVE-2002-0096

Identificadores relacionados

Produtos afetados

Referências · 6