Usta AYBS Security Breach

Usta AYBS is an application from Usta. A security vulnerability exists in Usta AYBS versions prior to 1.0.3 that stems from a user control key vulnerability in Usta AYBS that leads to an authorization bypass, allowing authentication misuse, and authentication bypass...

httpd: ap_get_basic_auth_pw() authentication bypass

It was discovered that the use of httpd's apgetbasicauthpw API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd...