3 matches found
CVE-2010-1670
Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 has improper configuration options for authentication plugins associated with logins that use the single sign-on SSO functionality, which allows remote attackers to bypass authentication via an empty password. NOTE: some of these...
CVE-2010-1670
CVE-2010-1670 affects Mahara prior to 1.0.15, 1.1.x prior to 1.1.9, and 1.2.x prior to 1.2.5, where misconfiguration options for authentication plugins used by SSO allow remote attackers to bypass authentication with an empty password. Several connected sources (Red Hat, Debian, OpenVAS entries) ...
[SECURITY] [DSA-2067-1] New mahara packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2067-1 [email protected] http://www.debian.org/security/ Raphael Geissert Jul 02, 2010 http://www.debian.org/security/faq -...