Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1654

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1654
Last Modified 05 Sep 2008 04:49:43
Published 18 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1654

Summary

Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users via a direct request to addsubsite.asp with the loginname and password parameters set.

Vulnerable Systems

Application

  • Hosting Controller 6.1 Hotfix 1.4

  • Hosting Controller 6.1 Hotfix 1.9


References

MISC - http://isun.shabgard.org/hc3.txt

SECUNIA - 15271


Last Updated: 27 May 2016 10:40:14