FreeBSD : sql-ledger -- security bypass vulnerability (8e02441d-d39c-11db-a6da-0003476f14d3)

High Nessus Plugin ID 24838

The remote FreeBSD host is missing a security-related update.

Chris Travers reports:

George Theall of Tenable Security notified the LedgerSMB core team today of an authentication bypass vulnerability allowing full access to the administrator interface of LedgerSMB 1.1 and SQL-Ledger 2.x.
The problem is caused by the password checking routine failing to enforce a password check under certain circumstances. The user can then create accounts or effect denial of service attacks.

This is not related to any previous CVE.

We have coordinated with the SQL-Ledger vendor and today both of us released security patches correcting the problem. SQL-Ledger users who can upgrade to 2.6.26 should do so, and LedgerSMB 1.1 or 1.0 users should upgrade to 1.1.9. Users who cannot upgrade should configure their web servers to use HTTP authentication for the script in the main root directory.

Update the affected package.

Plugin Details

Severity: High

ID: 24838

File Name: freebsd_pkg_8e02441dd39c11dba6da0003476f14d3.nasl

Version: $Revision: 1.10 $

Type: local

Published: 2007/03/18

Modified: 2014/09/18

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:sql-ledger, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2007/03/16

Vulnerability Publication Date: 2007/03/09