Web application abuses : TYPO3 OpenID Authentication Bypass Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.803992

Categoría: Web application abuses

Título: TYPO3 OpenID Authentication Bypass Vulnerability

Resumen: TYPO3 is prone to an authentication bypass vulnerability.

Descripción: Summary:
TYPO3 is prone to an authentication bypass vulnerability.

Vulnerability Insight:
An error exists in the built-in OpenID extension, which fails to verify user
identities properly

Vulnerability Impact:
Successful exploitation will allow attackers to bypass security restrictions.

Affected Software/OS:
TYPO3 versions 4.3.0

Solution:
Upgrade to TYPO3 version 4.3.1 or later.

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-0286
http://osvdb.org/61680
http://secunia.com/advisories/38206
http://www.vupen.com/english/advisories/2010/0127
XForce ISS Database: typo3-openid-security-bypass(55609)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55609

Copyright Copyright (C) 2013 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.803992
Categoría:	Web application abuses
Título:	TYPO3 OpenID Authentication Bypass Vulnerability
Resumen:	TYPO3 is prone to an authentication bypass vulnerability.
Descripción:	Summary: TYPO3 is prone to an authentication bypass vulnerability. Vulnerability Insight: An error exists in the built-in OpenID extension, which fails to verify user identities properly Vulnerability Impact: Successful exploitation will allow attackers to bypass security restrictions. Affected Software/OS: TYPO3 versions 4.3.0 Solution: Upgrade to TYPO3 version 4.3.1 or later. CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0286 http://osvdb.org/61680 http://secunia.com/advisories/38206 http://www.vupen.com/english/advisories/2010/0127 XForce ISS Database: typo3-openid-security-bypass(55609) https://exchange.xforce.ibmcloud.com/vulnerabilities/55609
Copyright	Copyright (C) 2013 Greenbone AG