Unspecified vulnerability in GONICUS System Administration (GOsa) before 2.5.8 allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests.
https://exchange.xforce.ibmcloud.com/vulnerabilities/31516
http://www.vupen.com/english/advisories/2007/0207
http://secunia.com/advisories/23749
http://oss.gonicus.de/pipermail/gosa/2007-January/002650.html