Lucene search
Ubuntu.comUB:CVE-2010-3692HistoryOct 07, 2010 - 12:00 a.m.
CVE-2010-3692
2010-10-0700:00:00
ubuntu.com
ubuntu.com
10
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.011 Low
EPSS
Percentile
84.3%
Directory traversal vulnerability in the callback function in client.php in
phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to
create or overwrite arbitrary files via directory traversal sequences in a
Proxy Granting Ticket IOU (PGTiou) parameter.
Notes
| Author | Note |
|---|---|
| sbeattie | fixed in php-cas 1.1.3 |
Related
prion
prion
Directory traversal
2010-10-07 21:00:00
cvelist
cvelist
CVE-2010-3692
2010-10-07 20:21:00
cve
cve
CVE-2010-3692
2010-10-07 21:00:02
nvd
nvd
CVE-2010-3692
2010-10-07 21:00:02
nessus
nessus
Fedora 13 : php-pear-CAS-1.1.3-1.fc13 (2010-15943)
2010-10-20 00:00:00
Fedora 14 : php-pear-CAS-1.1.3-1.fc14 (2010-15796)
2010-10-15 00:00:00
Fedora 12 : php-pear-CAS-1.1.3-1.fc12 (2010-15970)
2010-10-20 00:00:00
openvas
openvas
Fedora Update for php-pear-CAS FEDORA-2010-15943
2010-10-22 00:00:00
Fedora Update for php-pear-CAS FEDORA-2010-15970
2010-10-22 00:00:00
Fedora Update for php-pear-CAS FEDORA-2010-15796
2010-12-02 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: php-pear-CAS-1.1.3-1.fc14
2010-10-14 14:12:47
[SECURITY] Fedora 13 Update: php-pear-CAS-1.1.3-1.fc13
2010-10-19 07:20:48
[SECURITY] Fedora 12 Update: php-pear-CAS-1.1.3-1.fc12
2010-10-19 07:20:54
debian
debian
[SECURITY] [DSA 2172-1] moodle security update
2011-02-22 21:45:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.011 Low
EPSS
Percentile
84.3%
Related for UB:CVE-2010-3692