CVE-2005-2600

NameCVE-2005-2600
DescriptionFUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-798-1, DSA-899-1
NVD severitymedium (attack range: remote)
Debian Bugs323928, 323929
Debian/oldoldstablenot known to be vulnerable.
Debian/oldstablenot known to be vulnerable.
Debian/stablenot known to be vulnerable.
Debian/testingnot known to be vulnerable.
Debian/unstablenot known to be vulnerable.

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
egroupwaresource(unstable)1.0.0.009.dfsg-3-2medium323928
egroupwaresourcesarge1.0.0.007-2.dfsg-2sarge4mediumDSA-899-1
phpgroupwaresource(unstable)0.9.16.008-1medium323929
phpgroupwaresourcesarge0.9.16.005-3.sarge2highDSA-798-1
phpgroupwaresourcewoody(not affected)DSA-798-1

Search for package or bug name: Reporting problems