Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2006-2945

Unspecified vulnerability in the user profile change functionality in DokuWiki, when Access Control Lists are enabled, allows remote authenticated users to read unauthorized files via unknown attack vectors.

Related bugs and status

CVE-2006-2945 (Candidate) is related to these bugs:

Bug #45887: Security update needed for all versions prior to 2006 March 9th

		In	Importance	Status
45887	Security update needed for all versions prior to 2006 March 9th	dokuwiki (Ubuntu)	Medium	Fix Released
45887	Security update needed for all versions prior to 2006 March 9th	dokuwiki (Ubuntu Breezy)	Medium	Invalid
45887	Security update needed for all versions prior to 2006 March 9th	dokuwiki (Ubuntu Dapper)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

SECUNIA: 20478
VUPEN: ADV-2006-2172
CONFIRM: http://bugs.splitbrain...
XF: dokuwiki-acl-bypass(27...