← voltar
CVE-2011-1406

CVE-2011-1406

EPSS 1.7%
Mahara before 1.3.6 does not properly handle an https URL in the wwwroot configuration setting, which makes it easier for user-assisted remote attackers to obtain credentials by sniffing the network at a time when an http URL is used for a login.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://exchange.xforce.ibmcloud.com/vulnerabilities/67400https://launchpad.net/mahara/+bug/685942https://launchpad.net/mahara/+milestone/1.3.6http://www.debian.org/security/2011/dsa-2246