PT-2006-2097 · Geeklog · Geeklog
Konstantin Dyakoff
·
Published
2006-03-07
·
Updated
2011-03-08
·
CVE-2006-1069
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Geeklog versions 1.3.9 through 1.3.9 before 1.3.9sr5
Geeklog versions 1.3.11 through 1.3.11 before 1.3.11sr5
Geeklog versions 1.4.x through 1.4.0 before 1.4.0sr2
Description
The issue is related to an unspecified vulnerability in the session handling, which allows attackers to gain privileges as arbitrary users via unknown vectors.
Recommendations
For Geeklog versions 1.3.9 through 1.3.9 before 1.3.9sr5, update to version 1.3.9sr5 or later.
For Geeklog versions 1.3.11 through 1.3.11 before 1.3.11sr5, update to version 1.3.11sr5 or later.
For Geeklog versions 1.4.x through 1.4.0 before 1.4.0sr2, update to version 1.4.0sr2 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Geeklog