Friday, December 3, 2010

Pandora FMS: Authentication Bypass and Multiple Input Validation Vulnerabilities

Users of Pandora FMS please be advised of an Authentication Bypass and Multiple Input Validation Vulnerabilities that has been identified.

To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Amplify’d from www.criticalwatch.com
Pandora-SA-11/30/2010: Pandora FMS Authentication Bypass and Multiple Input Validation Vulnerabilities
Pandora FMS Authentication Bypass and Multiple Input Validation
Vulnerabilities

CVE IDs in this security advisory:

1) Authentication bypass - CVE-2010-4279
2) OS Command Injection - CVE-2010-4278
3) SQL Injection - CVE-2010-4280
4) Blind SQL Injection - CVE-2010-4280
5) Path Traversal - CVE-2010-4281 - CVE-2010-4282 - CVE-2010-4283
Read more at www.criticalwatch.com
 
See this Amp at http://bit.ly/dYg6Y0

Posted by at

1 comment:

Subscribe to: Post Comments (Atom)