Lucene search
Ubuntu.comUB:CVE-2008-1475HistoryMar 24, 2008 - 12:00 a.m.
CVE-2008-1475
2008-03-2400:00:00
ubuntu.com
ubuntu.com
11
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
EPSS
0.01
Percentile
83.8%
The xml-rpc server in Roundup 1.4.4 does not check property permissions,
which allows attackers to bypass restrictions and edit or read restricted
properties via the (1) list, (2) display, and (3) set methods.
Notes
| Author | Note |
|---|---|
| jdstrand | per Debian, code introduced in 1.4.0 |
Related
nessus
nessus
Fedora 8 : roundup-1.4.6-1.fc8 (2008-9712)
2008-11-21 00:00:00
Fedora 9 : roundup-1.4.6-1.fc9 (2008-9734)
2008-11-21 00:00:00
GLSA-200805-21 : Roundup: Permission bypass
2008-05-28 00:00:00
osv
osv
PYSEC-2008-10
2008-03-24 22:44:00
Roundup xml-rpc server improper check of property permissions
2022-05-01 23:40:33
fedora
fedora
[SECURITY] Fedora 8 Update: roundup-1.4.6-1.fc8
2008-11-19 14:48:40
[SECURITY] Fedora 9 Update: roundup-1.4.6-1.fc9
2008-11-19 14:51:49
github
github
Roundup xml-rpc server improper check of property permissions
2022-05-01 23:40:33
cvelist
cvelist
CVE-2008-1475
2008-03-24 22:00:00
cve
cve
CVE-2008-1475
2008-03-24 22:44:00
prion
prion
Design/Logic Flaw
2008-03-24 22:44:00
nvd
nvd
CVE-2008-1475
2008-03-24 22:44:00
redhatcve
redhatcve
CVE-2008-1475
2019-10-04 22:02:05
openvas
openvas
Fedora Update for roundup FEDORA-2008-9734
2009-02-17 00:00:00
Fedora Update for roundup FEDORA-2008-9712
2009-02-17 00:00:00
Fedora Update for roundup FEDORA-2008-9734
2009-02-17 00:00:00
veracode
veracode
Authorization Bypass
2024-04-30 11:35:35
gentoo
gentoo
Roundup: Permission bypass
2008-05-27 00:00:00
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
EPSS
0.01
Percentile
83.8%
Related for UB:CVE-2008-1475