Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6160

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-6160
Last Modified 20 Aug 2009 01:24:47
Published 18 Feb 2009 11:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6160

Summary

Semantically-Interconnected Online Communities (SIOC) 5.x before 5.x-1.2 and 6.x before 6.x-1.1, a module for Drupal, does not properly implement menu and database APIs, which allows remote attackers to obtain usernames and read hashed emails and comments via unspecified vectors.

Vulnerable Systems

Application

  • Drupal Semantically Interconnected Online Communities 5.x 1.0

  • Drupal Semantically Interconnected Online Communities 6.x 1.0


References

CONFIRM - http://drupal.org/node/318749

XF - sioc-unspecified-security-bypass(45762)

BID - 31658

SECUNIA - 32191


Last Updated: 27 May 2016 10:49:05