|
|
CVE Reference: CVE-2008-0169 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-0169 |
|
|
Description: Plugin/passwordauth.pm (aka the passwordauth plugin) in ikiwiki 1.34 through 2.47 allows remote attackers to bypass authentication, and login to any account for which an OpenID identity is configured and a password is not configured, by specifying an empty password during the login sequence. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/42798 SAID Secunia Advisory: SA30468 MLIST http://www.openwall.com/lists/oss-security/2008/05/31/3 CONFIRM http://ikiwiki.info/news/version_2.48/index.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483770 http://ikiwiki.info/security/#index33h2 BID 29479 |
|
| Return to the previous page. |
