The acl_check function in phpGroupWare 0.9.16RC2 always returns True, even when mkdir does not behave as expected, which could allow remote attackers to obtain sensitive information via WebDAV from users' home directories that lack .htaccess files, and possibly has other unknown impacts.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-11-28T23:00:00Z

Updated: 2024-09-16T20:47:26.962Z

Reserved: 2005-11-28T00:00:00Z

Link: CVE-2004-2577

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2004-12-31T05:00:00.000

Modified: 2024-11-20T23:53:42.713

Link: CVE-2004-2577

cve-icon Redhat

No data.