PostNuke Multiple Module Direct Request Authentication Bypass

ID OSVDB:23434
Type osvdb
Reporter OSVDB
Modified 2006-02-19T05:32:43


Solution Description

Upgrade to version .762 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Manual Testing Notes

http://[target]/[path]/admin.php?module=NS-Languages http://[target]/[path]/admin.php?module=Banners


Vendor URL: Vendor Specific News/Changelog Entry: Secunia Advisory ID:18937 Related OSVDB ID: 23436 Related OSVDB ID: 23433 Related OSVDB ID: 23435 Other Advisory URL: Mail List Post: FrSIRT Advisory: ADV-2006-0673 CVE-2006-0800 Bugtraq ID: 16752