The installation of Geeklog 1.3 creates an extra group_assignments record which is not properly deleted, which causes the first newly created user to be added to the GroupAdmin and UserAdmin groups, which could provide that user with administrative privileges that were not intended.
References
Link | Resource |
---|---|
http://geeklog.sourceforge.net/index.php?topic=Security | |
http://www.iss.net/security_center/static/7780.php | Patch Vendor Advisory |
http://www.securityfocus.com/archive/1/248367 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/3783 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2002-06-25T04:00:00
Updated: 2002-03-22T10:00:00
Reserved: 2002-03-15T00:00:00
Link: CVE-2002-0096
JSON object: View
NVD Information
Status : Analyzed
Published: 2002-03-25T05:00:00.000
Modified: 2008-09-05T20:27:10.217
Link: CVE-2002-0096
JSON object: View
Redhat Information
No data.
CWE