Allows remote attackers to add arbitrary users via a direct request to config/add/CfgOptUser.
Bug #421865 reported by
Dave Walker
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
destar (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: destar
An unauthenticated remote attackers can add arbitrary users via a direct request to config/
http://
CVE References
visibility: | private → public |
To post a comment you must log in.
Thank you for using Ubuntu and taking the time to report a bug. This package is in universe and is community supported. If you are able, perhaps you could prepare debdiffs to fix this by following https:/ /wiki.ubuntu. com/SecurityUpd ateProcedures.