Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3268

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-3268
Last Modified 05 Sep 2008 05:42:33
Published 24 Jul 2008 11:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3268

Summary

Unspecified vulnerability in phpScheduleIt 1.2.0 through 1.2.9, when useLogonName is enabled, allows remote attackers with administrator email address knowledge to bypass restrictions and gain privileges via unspecified vectors related to login names. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Brickhost Phpscheduleit 1.2.0

  • Brickhost Phpscheduleit 1.2.1

  • Brickhost Phpscheduleit 1.2.2

  • Brickhost Phpscheduleit 1.2.3

  • Brickhost Phpscheduleit 1.2.4

  • Brickhost Phpscheduleit 1.2.5

  • Brickhost Phpscheduleit 1.2.6

  • Brickhost Phpscheduleit 1.2.7

  • Brickhost Phpscheduleit 1.2.9


References

XF - phpscheduleit-unspecified-security-bypass(43900)

BID - 30300

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=614202

SECUNIA - 31147


Last Updated: 27 May 2016 10:48:08