CVE-2006-0868: PEAR::Auth potential authentication bypass vulnerability
(updated )
Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to “falsify authentication credentials,” related to the “underlying storage containers.”
References
- pear.php.net/package/Auth/download/1.2.4
- pear.php.net/package/Auth/download/1.3.0r4
- www.gentoo.org/security/en/glsa/glsa-200603-13.xml
- exchange.xforce.ibmcloud.com/vulnerabilities/24854
- github.com/advisories/GHSA-76rh-xv36-9mrc
- nvd.nist.gov/vuln/detail/CVE-2006-0868
- web.archive.org/web/20060315074736/http://securitytracker.com/alerts/2006/Feb/1015666.html
- web.archive.org/web/20060408105851/http://www.securityfocus.com/bid/16758
- web.archive.org/web/20201207144810/http://www.securityfocus.com/archive/1/425796/100/0/threaded
Code Behaviors & Features
Detect and mitigate CVE-2006-0868 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →