FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

WebCalendar -- unauthorized access vulnerability

Affected packages
WebCalendar < 1.0.0

Details

VuXML ID 07ead557-a220-11da-b410-000e0c2e438a
Discovery 2005-06-27
Entry 2006-02-20

SecurityFocus reports that WebCalendar is affected by an unauthorized access vulnerability. The vulnerability is caused by improper checking of the authentication mechanism before access is being permitted to the "assistant_edit.php" file.

References

Bugtraq ID 14072
CVE Name CAN-2005-2320