Back to search
CVE-2006-5932
Published: Nov 16, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Kahua before 0.7, when running multiple applications under a single supervisor, grants application access on the basis of username instead of username and database name, which allows remote authenticated users to obtain unauthorized access if different databases assign the same username to different user accounts.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.kahua.org/cgi-bin/kahua.fcgi/kahua-web/show/KSA/KSA2006-001
x_refsource_CONFIRM
ADV-2006-4486
vdb-entry
x_refsource_VUPEN
22785
third-party-advisory
x_refsource_SECUNIA
kahua-databases-authentication-bypass(30206)
vdb-entry
x_refsource_XF
http://www.timedia.co.jp/news/2467470581
x_refsource_CONFIRM
21074
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now