MidnightBSD

Advisories for metadot

CVE-2005-4458 HIGH

Group.pm in Metadot Portal Server 6.4.4 and earlier does not properly reset the $IS_OWNER, $IS_ADMIN, and $IS_MANAGER global variables when performing checks for special privileges, which allows users to gain administrator privileges by adding themselves to the SITE_MGR group.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
metadot metadot_portal_server 5.6.4.2
metadot metadot_portal_server 6.4.2
metadot metadot_portal_server 5.6.4.3
metadot metadot_portal_server 5.6.5.1
metadot metadot_portal_server 5.6.5.4b5
metadot metadot_portal_server 5.6.6
metadot metadot_portal_server 5.6.4
metadot metadot_portal_server 6.4
metadot metadot_portal_server 5.6.5.3
metadot metadot_portal_server 5.5.2.1
metadot metadot_portal_server 5.6.5
metadot metadot_portal_server 5.6.5.3.1
metadot metadot_portal_server 5.6.5.2
metadot metadot_portal_server 6.4.3
metadot metadot_portal_server 6.4.1
metadot metadot_portal_server 6.4.4
metadot metadot_portal_server 5.6.4.1