Signature Detail
Short Name |
HTTP:PHP:ACAL-AUTH-BYPASS |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
ACal Calendar Project 2.2.5 Authentication Bypass |
Release Date |
2013/04/23 |
Update Number |
2256 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: ACal Calendar Project 2.2.5 Authentication Bypass
This signature detects attempts to exploit a known vulnerability against ACal Calendar Project 2.2.5. A successful attack can lead to unauthorized access.
Extended Description
login.php in ACal Calendar Project 2.2.5 allows remote attackers to bypass authentication by setting the ACalAuthenticate cookie variable to "inside".
Affected Products
- acal calendar_project 2.2.5
References
- CVE: CVE-2006-0182