SubText MultiBlog Arbitrary Blog Authentication Bypass

2006-06-10T12:19:05
ID OSVDB:26325
Type osvdb
Reporter OSVDB
Modified 2006-06-10T12:19:05

Description

Solution Description

Upgrade to version 1.5.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://subtextproject.com/ Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=423716 Secunia Advisory ID:20580 FrSIRT Advisory: ADV-2006-2295 CVE-2006-3046