Cerberus Helpdesk rpc.php Arbitrary Ticket Information Disclosure

2006-10-15T06:48:55
ID OSVDB:29790
Type osvdb
Reporter OSVDB
Modified 2006-10-15T06:48:55

Description

Manual Testing Notes

/rpc.php?cmd=display_get_requesters&id=1000

References:

Vendor Specific News/Changelog Entry: http://forum.cerberusweb.com/showthread.php?t=7922 Secunia Advisory ID:22418 ISS X-Force ID: 29655 FrSIRT Advisory: ADV-2006-4089 CVE-2006-5428 Bugtraq ID: 20598