Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6539

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2008-6539
Last Modified 17 Jun 2009 08:09:47
Published 29 Mar 2009 09:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-6539

Summary

Static code injection vulnerability in user/settings/ in DeStar 0.2.2-5 allows remote authenticated users to add arbitrary administrators and inject arbitrary Python code into destar_cfg.py via a crafted pin parameter.

Vulnerable Systems

Application

  • Holger Schurig Destar 0.2.2-5


References

MILW0RM - 5305


Last Updated: 27 May 2016 10:49:14