Allows remote attackers to add arbitrary users via a direct request to config/add/CfgOptUser.
Bug #421865 reported by
Dave Walker
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| destar (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: destar
An unauthenticated remote attackers can add arbitrary users via a direct request to config/
http://
CVE References
| visibility: | private → public |
Revision history for this message
| Jamie Strandboge (jdstrand) wrote | #1 |
| Changed in destar (Ubuntu): | |
| status: | New → Confirmed |
To post a comment you must log in.
Thank you for using Ubuntu and taking the time to report a bug. This package is in universe and is community supported. If you are able, perhaps you could prepare debdiffs to fix this by following https:/