5 matches found
CVE-2009-2737
The CVE-2009-2737 issue affects Roundup. In Roundup 1.2 before 1.2.1 and 1.4 through 1.4.6, the EditCSVAction function in cgi/actions.py does not properly enforce permissions. This allows remote authenticated users with edit or create privileges for a class to modify arbitrary items within that c...
Debian Security Advisory DSA 1754-1 (roundup)
The remote host is missing an update to roundup announced via advisory DSA 1754-1. OpenVAS Vulnerability Test $Id: deb17541.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1754-1 roundup Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Debian DSA-1754-1 : roundup - insufficient access checks
It was discovered that roundup, an issue tracker with a command-line, web and email interface, allows users to edit resources in unauthorized ways, including granting themselves admin rights. This update introduces stricter access checks, actually enforcing the configured permissions and roles...
Fedora Core 9 FEDORA-2009-2591 (roundup)
The remote host is missing an update to roundup announced via advisory FEDORA-2009-2591. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...
Fedora Core 10 FEDORA-2009-2583 (roundup)
The remote host is missing an update to roundup announced via advisory FEDORA-2009-2583. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...