CVE-2006-5428

Published: Oct 20, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's privileges for a display_get_requesters operation, which allows remote attackers to bypass the GUI login and obtain sensitive information (ticket data) via a direct request.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://forum.cerberusweb.com/showthread.php?t=7922

x_refsource_CONFIRM

22418

third-party-advisory

x_refsource_SECUNIA

ADV-2006-4089

vdb-entry

x_refsource_VUPEN

20598

vdb-entry

x_refsource_BID

cerberushelpdesk-rpc-information-disclosure(29655)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2006-5428

Description

Affected Products

References