GHSA-76rh-xv36-9mrc
Suggest an improvement- Source
- https://github.com/advisories/GHSA-76rh-xv36-9mrc
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-76rh-xv36-9mrc/GHSA-76rh-xv36-9mrc.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-76rh-xv36-9mrc
- Aliases
-
- CVE-2006-0868
- Published
- 2022-05-01T06:43:23Z
- Modified
- 2024-12-05T05:26:48.018821Z
- Summary
- PEAR::Auth potential authentication bypass vulnerability
- Details
-
Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers."
- Database specific
{ "nvd_published_at": "2006-02-23T23:02:00Z", "cwe_ids": [], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2024-02-09T22:02:11Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2006-0868
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24854
- https://github.com/pear/Auth
- https://web.archive.org/web/20060315074736/http://securitytracker.com/alerts/2006/Feb/1015666.html
- https://web.archive.org/web/20060408105851/http://www.securityfocus.com/bid/16758
- https://web.archive.org/web/20201207144810/http://www.securityfocus.com/archive/1/425796/100/0/threaded
- http://pear.php.net/package/Auth/download/1.2.4
- http://pear.php.net/package/Auth/download/1.3.0r4
- http://www.gentoo.org/security/en/glsa/glsa-200603-13.xml