phpWebSite Multiple Instance Administrative Privilege

2001-07-19T00:00:00
ID OSVDB:3849
Type osvdb
Reporter OSVDB
Modified 2001-07-19T00:00:00

Description

Vulnerability Description

phpWebSite contains a flaw that allows an attacker to gain administrative priveleges. The issue occurs when multiple instances of the program are running under a single domain.

Solution Description

Upgrade to version 0.7.9 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

phpWebSite contains a flaw that allows an attacker to gain administrative priveleges. The issue occurs when multiple instances of the program are running under a single domain.

References:

Vendor URL: http://phpwebsite.appstate.edu/ Mail List Post: http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html ISS X-Force ID: 10207 CVE-2001-1363