PT-2002-1182 · Geeklog · Geeklog

Published

2002-03-25

Updated

2008-09-05

CVE-2002-0096

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Geeklog version 1.3

Description The issue arises during the installation of Geeklog, where an extra group assignments record is created but not properly deleted. As a result, the first newly created user is inadvertently added to the GroupAdmin and UserAdmin groups, potentially granting them unintended administrative privileges.

Recommendations For Geeklog version 1.3, ensure that the extra group assignments record is manually deleted after installation to prevent unintended administrative access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0096

Affected Products

Geeklog

PT-2002-1182 · Geeklog · Geeklog

CVE-2002-0096

Related Identifiers

Affected Products

References · 6