Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0288

Overview

Vulnerability Score 3.6 3.6
CVE Id CVE-2005-0288
Last Modified 05 Sep 2008 04:45:51
Published 11 Jan 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-0288

Summary

The change password functionality in Bottomline Webseries Payment Application does not require the old password when users enter a new password, which could allow remote authenticated users to change other users' passwords.

Vulnerable Systems

Application

  • Bottomline Webseries Payment Application 4.0


References

XF - webseries-pa-password-gain-access(18860)

BID - 12231

BUGTRAQ - 20050110 Portcullis Security Advisory 05-008

SECTRACK - 1012854

SECUNIA - 13821


Last Updated: 27 May 2016 10:39:44