Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-5253

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-5253
Last Modified 23 Jan 2013 12:00:00
Published 11 Jan 2013 11:33:49
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-5253

Summary

Dl Download Ticket Service 0.3 through 0.9 allows remote attackers to login as an arbitrary user by supplying an authorization header.

Vulnerable Systems

Application

  • Thegr Dl 0.3

  • Thegr Dl 0.4

  • Thegr Dl 0.5

  • Thegr Dl 0.6

  • Thegr Dl 0.7

  • Thegr Dl 0.8

  • Thegr Dl 0.9


References

XF - dl-download-security-bypass(72252)

CONFIRM - http://www.thregr.org/~wavexx/software/dl/NEWS.html

BID - 51347

SECUNIA - 47466


Last Updated: 27 May 2016 11:01:37