Drupal View User Profile Authorization Bypass Vulnerability

Bugtraq ID: 15674
Class: Access Validation Error
CVE: CVE-2005-3974
Remote: Yes
Local: No
Published: Dec 01 2005 12:00AM
Updated: Feb 07 2006 08:54PM
Credit: Andrew Widdowson is credited with the discovery of this vulnerability.
Vulnerable: Drupal Drupal 4.6.3
Drupal Drupal 4.6.2
Drupal Drupal 4.6.1
Drupal Drupal 4.6
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Not Vulnerable: Drupal Drupal 4.6.4


 

Privacy Statement
Copyright 2010, SecurityFocus