模板
教程
环境
性能
功能
管理
StickerSecureMessagingRemotepostingvuln
发表于:2007-05-25来源:作者:点击数:
标签:
Added by: A^C^E Date: 10.10.04 Time: 14:32:49 Category: Vulns Source: _ blank> http://securitytracker.com/alerts/2004/Oct/1011580.html Impact: User access via .net work Fix Available: Yes Vendor Confirmed: Yes Version(s): 3.1b1 Description
Added by: A^C^E Date: 10.10.04
Time: 14:32:49
Category: Vulns
Source: _blank>http://securitytracker.com/alerts/2004/Oct/1011580.html
Impact: User aclearcase/" target="_blank" >ccess via.network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 3.1b1
Description: A vulnerability was reported in Sticker. A remote user can post secure messages to a private group.
The vendor reported that a remote user with access to a public key can post secure messages to a group secured with the corresponding private key.
Impact: A remote user can post secure messages to a group that they are not authorized to submit to.
Solution: The vendor has released a fixed version (3.1.0 beta 2), available at:
_blank>http://www.tickertape.org/projects/sticker/#downloads
Vendor URL: www.tickertape.org/projects/sticker/
Cause: Access control error
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
