Vulnerabilities

CVE-2010-3852

by Fred · 05/11/2010

The default configuration of Luci 0.22.4 and earlier in Red Hat Conga uses "[INSERT SECRET HERE]" as its secret key for cookies, which makes it easier for remote attackers to bypass repoze.who authentication via a forged ticket cookie.

Date published : 2010-11-05

http://www.securityfocus.com/bid/44611

http://git.fedorahosted.org/git/?p=luci.git;a=commit;h=9e0bbf0c5faa198379d945474f7d55da5031cacf

Similar

Tags: Cybersecurity Alert