The acl_check function in phpGroupWare 0.9.16RC2 always returns True, even when mkdir does not behave as expected, which could allow remote attackers to obtain sensitive information via WebDAV from users' home directories that lack .htaccess files, and possibly has other unknown impacts.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2005-11-28T23:00:00Z
Updated: 2024-09-16T20:47:26.962Z
Reserved: 2005-11-28T00:00:00Z
Link: CVE-2004-2577
Vulnrichment
No data.
NVD
Status : Modified
Published: 2004-12-31T05:00:00.000
Modified: 2024-11-20T23:53:42.713
Link: CVE-2004-2577
Redhat
No data.