CVE-2008-6057

Name of the Vulnerable Software and Affected Versions Liberum Help Desk version 0.97.3

Description The issue allows remote attackers to obtain passwords due to insufficient access control. Specifically, the db/helpdesk2000.mdb file is stored under the web root, enabling attackers to access it via a direct request.

Recommendations For version 0.97.3, consider restricting access to the db/helpdesk2000.mdb file to prevent unauthorized access until a patch is available. As a temporary workaround, moving the file outside of the web root or implementing proper access controls can help mitigate the risk of exploitation.