CVE-2006-0868
First published: Thu Feb 23 2006(Updated: )
Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers."
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| composer/pear/auth | >=1.3.0r1<1.3.0r4 | 1.3.0r4 |
| composer/pear/auth | <1.2.4 | 1.2.4 |
| PEAR XML-RPC | =1.0.2 | |
| PEAR XML-RPC | =1.0.3 | |
| PEAR XML-RPC | =1.0.4 | |
| PEAR XML-RPC | =1.1.0 | |
| PEAR XML-RPC | =1.2.0 | |
| PEAR XML-RPC | =1.2.0rc1 | |
| PEAR XML-RPC | =1.2.0rc2 | |
| PEAR XML-RPC | =1.2.0rc3 | |
| PEAR XML-RPC | =1.2.0rc4 | |
| PEAR XML-RPC | =1.2.0rc5 | |
| PEAR XML-RPC | =1.2.0rc6 | |
| PEAR XML-RPC | =1.2.0rc7 | |
| PEAR XML-RPC | =1.2.1 | |
| PEAR XML-RPC | =1.2.2 | |
| PEAR XML-RPC | =1.3.0rc1 | |
| PEAR XML-RPC | =1.3.0rc2 | |
| PEAR XML-RPC | =1.3.0rc3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://pear.php.net/package/Auth/download/1.2.4
- http://pear.php.net/package/Auth/download/1.3.0r4
- http://www.securityfocus.com/bid/16758
- http://securitytracker.com/id?1015666
- http://secunia.com/advisories/19008
- http://www.gentoo.org/security/en/glsa/glsa-200603-13.xml
- http://secunia.com/advisories/19301
- http://www.vupen.com/english/advisories/2006/0696
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24854
- http://www.securityfocus.com/archive/1/425796/100/0/threaded
- https://nvd.nist.gov/vuln/detail/CVE-2006-0868
- https://web.archive.org/web/20060315074736/http://securitytracker.com/alerts/2006/Feb/1015666.html
- https://web.archive.org/web/20060408105851/http://www.securityfocus.com/bid/16758
- https://web.archive.org/web/20201207144810/http://www.securityfocus.com/archive/1/425796/100/0/threaded
- https://github.com/advisories/GHSA-76rh-xv36-9mrc (Advisory)
Frequently Asked Questions
What is the severity of CVE-2006-0868?
CVE-2006-0868 is classified as a critical vulnerability due to its potential for authentication credential falsification.
How do I fix CVE-2006-0868?
To remediate CVE-2006-0868, upgrade to PEAR::Auth version 1.2.4 or later, or 1.3.0r4 or later.
What software is affected by CVE-2006-0868?
CVE-2006-0868 affects multiple versions of PEAR::Auth, including versions prior to 1.2.4 and 1.3.x before 1.3.0r4.
What type of vulnerabilities are associated with CVE-2006-0868?
CVE-2006-0868 is associated with multiple unspecified injection vulnerabilities that allow unauthorized access.
Who can potentially exploit CVE-2006-0868?
Remote attackers can potentially exploit CVE-2006-0868 to falsify authentication credentials.
- agent/type
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-76rh-xv36-9mrc
- alias/CVE-2006-0868
- agent/software-canonical-lookup
- agent/severity
- agent/remedy
- agent/references
- agent/weakness
- agent/description
- agent/author
- agent/softwarecombine
- collector/github-advisory
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/trending
- agent/source
- agent/tags
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/pear
- product/xml rpc
- canonical/pear xml rpc
- collector/nvd-index
- package-manager/composer
- canonical/pear xml-rpc
- version/pear xml-rpc/1.0.2
- version/pear xml-rpc/1.0.3
- version/pear xml-rpc/1.0.4
- version/pear xml-rpc/1.1.0
- version/pear xml-rpc/1.2.0
- version/pear xml-rpc/1.2.0rc1
- version/pear xml-rpc/1.2.0rc2
- version/pear xml-rpc/1.2.0rc3
- version/pear xml-rpc/1.2.0rc4
- version/pear xml-rpc/1.2.0rc5
- version/pear xml-rpc/1.2.0rc6
- version/pear xml-rpc/1.2.0rc7
- version/pear xml-rpc/1.2.1
- version/pear xml-rpc/1.2.2
- version/pear xml-rpc/1.3.0rc1
- version/pear xml-rpc/1.3.0rc2
- version/pear xml-rpc/1.3.0rc3