Authentication Bypass in SQL-Ledger and LedgerSMB Software
CVE-2007-1436

Currently unrated

Key Information:

Vendor: Sql-ledger
Status: Sql-ledger; Ledgersmb
Vendor: CVE Published:; 13 March 2007

What is CVE-2007-1436?

An unspecified vulnerability in the admin.pl script of SQL-Ledger versions prior to 2.6.26 and LedgerSMB versions prior to 1.1.9 allows remote attackers to bypass authentication. This vulnerability enables attackers to prevent a password check from occurring, which could lead to unauthorized access to sensitive information and potentially compromise the integrity of the affected systems.

References

http://www.securityfocus.com/archive/1/462375/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/24496

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/24467

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 13, 2007
Vulnerability Reserved
Mar 13, 2007

CVE-2007-1436 Data

JSON

Sql-ledger

What is CVE-2007-1436?

References

Timeline