Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6109

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2008-6109
Last Modified 12 Feb 2009 12:00:00
Published 10 Feb 2009 07:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-6109

Summary

Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 does not properly enforce the privileges of user accounts, which allows local users to bypass intended access restrictions by (1) opening unspecified screens, related to the "double click selector bug"; or modifying a (2) animal, (3) owner, (4) lost/found, (5) diary note, (6) owner donation, or (7) waiting list record, related to "change permissions" and the "new UI."

Vulnerable Systems

Application

  • Animal Shelter Manager 1.1

  • Animal Shelter Manager 1.11

  • Animal Shelter Manager 1.12

  • Animal Shelter Manager 1.20

  • Animal Shelter Manager 1.22

  • Animal Shelter Manager 1.3

  • Animal Shelter Manager 1.30

  • Animal Shelter Manager 1.30 Beta

  • Animal Shelter Manager 1.30.1

  • Animal Shelter Manager 1.30.2

  • Animal Shelter Manager 1.31

  • Animal Shelter Manager 1.32

  • Animal Shelter Manager 1.33

  • Animal Shelter Manager 1.34

  • Animal Shelter Manager 1.35

  • Animal Shelter Manager 1.36

  • Animal Shelter Manager 1.37

  • Animal Shelter Manager 1.38

  • Animal Shelter Manager 1.39

  • Animal Shelter Manager 1.40

  • Animal Shelter Manager 2.0.1

  • Animal Shelter Manager 2.0.14

  • Animal Shelter Manager 2.0.15

  • Animal Shelter Manager 2.0.16

  • Animal Shelter Manager 2.0.17

  • Animal Shelter Manager 2.0.18

  • Animal Shelter Manager 2.0.2

  • Animal Shelter Manager 2.0.21

  • Animal Shelter Manager 2.0.22

  • Animal Shelter Manager 2.0.6

  • Animal Shelter Manager 2.0.8

  • Animal Shelter Manager 2.1.0

  • Animal Shelter Manager 2.1.1

  • Animal Shelter Manager 2.2.0

  • Animal Shelter Manager 2.2.1


References

XF - asm-unspecified-security-bypass(42139)

BID - 29022

CONFIRM - http://sourceforge.net/project/shownotes.php?group_id=82533&release_id=596220

SECUNIA - 30041


Last Updated: 27 May 2016 10:49:04