Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 454
Alerts This Week
Warning Icon 1 454

Gentoo: GLSA-200601-15 High: Paros Default Admin Password Issue

gentoo
Calendar Grey January 29, 2006
Dist Gentoo Esm H88
Gentoo's GLSA 200801-22 addresses vulnerability in the Bugzilla admin interface, enabling unauthorized access.
Paros's database component is installed without a password, allowing execution of arbitrary system commands.

Summary

Gentoo Linux Security Advisory GLSA 200601-15 https://security.gentoo.org/ Severity: High Title: Paros: Default administrator password Date: January 29, 2006 Bugs: #120352 ID: 200601-15

Synopsis ======= Paros's database component is installed without a password, allowing execution of arbitrary system commands.
Background ========= Paros is an intercepting proxy between a web server and a client meant to be used for security assessments. It allows the user to watch and modify the HTTP(S) traffic.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-proxy/paros <= 3.2.5 > 3.2.5
========== Andrew Christensen discovered that in older versions of Paros the database component HSQLDB is installed ...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround