CVE-2006-0868

PEAR::Auth potential authentication bypass vulnerability in packagist/pear/auth

Identifiers

GHSA-76rh-xv36-9mrc, CVE-2006-0868

Package Slug

packagist/pear/auth

Vulnerability

PEAR::Auth potential authentication bypass vulnerability

Description

Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers."

Affected Versions

All versions before 1.2.4, all versions starting from 1.3.0r1 before 1.3.0r4

Solution

Upgrade to versions 1.2.4, 1.3.0r4 or above.

Last Modified

2024-02-12

source