Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1056-1
HistoryMay 15, 2006 - 12:00 a.m.

webcalendar - verbose error message

2006-05-1500:00:00
Google
osv.dev
4

EPSS

0.012

Percentile

85.0%

JSON

David Maciejak noticed that webcalendar, a PHP-based multi-user
calendar, returns different error messages on login attempts for an
invalid password and a non-existing user, allowing remote attackers to
gain information about valid usernames.

The old stable distribution (woody) does not contain a webcalendar package.

For the stable distribution (sarge) this problem has been fixed in
version 0.9.45-4sarge4.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your webcalendar package.

Related

debian 2
nessus 2
ubuntucve 1
openvas 4
cvelist 1
nvd 1
prion 1
cve 1
debian
debian
[SECURITY] [DSA 1056-1] New webcalendar packages fix information leak
2006-05-15 06:55:08
[SECURITY] [DSA 1056-1] New webcalendar packages fix information leak
2006-05-15 06:55:08
nessus
nessus
Debian DSA-1056-1 : webcalendar - verbose error message
2006-10-14 00:00:00
WebCalendar Login Error Message User Account Enumeration
2006-05-16 00:00:00
ubuntucve
ubuntucve
CVE-2006-2247
2006-05-09 00:00:00
openvas
openvas
WebCalendar User Account Enumeration Disclosure Issue
2008-10-24 00:00:00
Debian: Security Advisory (DSA-1056-1)
2008-01-17 00:00:00
WebCalendar < 1.0.4 User Account Enumeration Disclosure Vulnerability - Active Check
2008-10-24 00:00:00
cvelist
cvelist
CVE-2006-2247
2006-05-09 10:00:00
nvd
nvd
CVE-2006-2247
2006-05-09 10:02:00
prion
prion
Code injection
2006-05-09 10:02:00
cve
cve
CVE-2006-2247
2006-05-09 10:02:00

EPSS

0.012

Percentile

85.0%

JSON
Related for OSV:DSA-1056-1
debian2nessus2ubuntucve1openvas4cvelist1nvd1prion1cve1