Name | CVE-2005-2600 |
Description | FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
References | DSA-798-1, DSA-899-1 |
Debian Bugs | 323928, 323929 |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
egroupware | source | sarge | 1.0.0.007-2.dfsg-2sarge4 | DSA-899-1 | ||
egroupware | source | (unstable) | 1.0.0.009.dfsg-3-2 | medium | 323928 | |
phpgroupware | source | woody | (not affected) | DSA-798-1 | ||
phpgroupware | source | sarge | 0.9.16.005-3.sarge2 | high | DSA-798-1 | |
phpgroupware | source | (unstable) | 0.9.16.008-1 | medium | 323929 |