Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:15143
HistoryDec 25, 2009 - 12:00 a.m.

Trac文本格式报表信息泄露漏洞

2009-12-2500:00:00
Root
www.seebug.org
12

EPSS

0.006

Percentile

78.2%

JSON

CVE(CAN) ID: CVE-2009-4405

Trac是用Python编写的基于Web的事件跟踪系统。

Trac在生成逗号分隔或制表符分隔的文本格式报表时没有正确地强制某些策略,用户无需必要的权限就可以从故障单中访问敏感信息。

Edgewall Software Trac < 0.11.6
厂商补丁:

Edgewall Software

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://trac.edgewall.org/browser/tags/trac-0.11.6/RELEASE

Related

ubuntucve 1
prion 1
nvd 1
openvas 2
cve 1
debiancve 1
github 1
osv 1
nessus 1
cvelist 1
ubuntucve
ubuntucve
CVE-2009-4405
2009-12-23 00:00:00
prion
prion
Code injection
2009-12-23 21:30:00
nvd
nvd
CVE-2009-4405
2009-12-23 21:30:00
openvas
openvas
Fedora Core 12 FEDORA-2009-12975 (trac)
2009-12-30 00:00:00
Fedora Core 12 FEDORA-2009-12975 (trac)
2009-12-30 00:00:00
cve
cve
CVE-2009-4405
2009-12-23 21:30:00
debiancve
debiancve
CVE-2009-4405
2009-12-23 21:30:00
github
github
Trac is vulnerable to improper policy checks and missing 'raw' role check in docutils
2022-05-02 03:54:25
osv
osv
PYSEC-2009-7
2009-12-23 21:30:00
nessus
nessus
Fedora 12 : trac-0.11.6-1.fc12 (2009-12975)
2009-12-22 00:00:00
cvelist
cvelist
CVE-2009-4405
2009-12-23 21:00:00

EPSS

0.006

Percentile

78.2%

JSON
Related for SSV:15143
ubuntucve1prion1nvd1openvas2cve1debiancve1github1osv1nessus1cvelist1