Allaire Forums 的”rightAccessAllForums” 漏洞

漏洞信息详情

Allaire Forums 的”rightAccessAllForums” 漏洞

• CNNVD编号：CNNVD-200004-002
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2000-0297
  
• 漏洞类型：
  
  
  输入验证
  
• 发布时间：
  
  2000-04-03
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-05-02
  
• 厂        商：
  
  allaire
• 漏洞来源：
  Discovered and rep…

Allaire Forums 2.0.5存在漏洞，远程攻击者可以通过rightAccessAllForums或rightModerateAllForums变量绕过访问限制到达安全会议。

Allaire has released a patch for this issue.
Allaire Forums 2.0.5

• Allaire forumfixThe template files were created to replace the existing files on your system. It is recommended you back up your existing data before over-writing or replacing any files. You will also need to modify these files to reflect any personal coding changes you have made to your existing Forums installatio
  
  http://download.allaire.com/patches/ASB00-07forumfix.zip

来源: ALLAIRE
名称: ASB00-06
链接:http://www2.allaire.com/handlers/index.cfm?ID=15099&Method=Full

来源: BID
名称: 1085
链接:http://www.securityfocus.com/bid/1085

来源: OSVDB
名称: 1270
链接:http://www.osvdb.org/1270