SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Forum/Board/Portal)  >   AutoTheme Vendors:   Spidean
AutoTheme for PostNuke Blocks Module May Let Remote Users Gain Access
SecurityTracker Alert ID:  1013908
SecurityTracker URL:  http://securitytracker.com/id/1013908
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  May 6 2005
Impact:   User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): AutoTheme 1.7, AT-Lite .8; for PostNuke
Description:   A vulnerability was reported in AutoTheme for PostNuke. The impact was not specified.

The flaw resides in 'modules/Blocks/pnadmin.php'.

[Editor's note: Although the impact was not specified, the temporary security fix attempts to block users that are not properly authenticated.]

The vendor credits Infopro and Markwest with reporting this vulnerability.

Impact:   A remote user may be able to gain access to the Blocks module.
Solution:   A fix is available at:

http://spidean.mckenzies.net/Downloads+index-req-viewsdownload-sid-34.phtml

Vendor URL:  spidean.mckenzies.net/Downloads+index-req-viewdownload-cid-12.phtml (Links to External Site)
Cause:   Access control error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC