Wazi – Open Source Articles, Tutorials and Licensing Information

By Security Team on Monday, November 2nd, 2009 in Security Notifications | Related Software Packages: Typo3

Affects:

• Typo3 4.3 and prior [High]

Description

The Install Tool subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to gain access by using only the password’s md5 hash as a credential.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2009-3635
Severity: High

NIST National Vulnerabilities Database

Share this post:

Security Team

We'll keep you safe. Trust us, that's our job. Even though, contrary to what our Avatar might imply, we're not all linebackers. In fact, some of us are quite petite. And others of us wear high heeled boots. Red. Wondering whether we also know what we're talking about? C'mon -have you read any of these security posts?

Comments are closed.

• Software Packages

  Click a package to show related articles:

  Apache Ruby Rails Ubuntu Tomcat Glassfish Firefox MySQL Maven Java JBoss NetBeans PostgreSQL Ruby on Rails RHEL OpenOffice Python Subversion OpenSSL Stripes Fedora JBoss Seam Wicket Postfix Ant

• Keywords

  Tutorial Comparison Legal License GPL Linux Tips & Tricks Web Server FAQ Java Repository Community Microsoft Open Source Policy Copyright Sun SSH Governance IP Scanning Mozilla e-mail Adoption OS Exchange

• Open Source Help & Resources

  Get open source software support »Get a demo of OpenLogic Exchange (OLEX) »Register for a source code scanning demo »

• Most Recent

  • mod_python: More Than Just a CGI/WSGI Alternative
  • Choosing the Right Java Web Development Framework
  • Comparison of Community Linux Distributions for the Enterprise
  • Creating Intelligent Projects with Maven
  • Securing SSL/TLS with Secure Renegotiation

• Most Comments

  • How to Fix Memory Leaks in Java (22)
  • Getting Started with Java EE 6 (20)
  • Comparing Open Source Agile Project Management Tools (16)
  • How to Customize the Firefox 3 Installer (11)
  • Comparison of Community Linux Distributions for the Enterprise (10)

• Open Source News

  • Open Source Alternatives to Small Business Software (Datamation)August 26th, 2010
  • How to Get Started As An Open Source Contributor (OStatic)August 23rd, 2010
  • 50 Open Source Replacements for Expensive Applications (Datamation)August 17th, 2010
  • Open Source Increasingly Coexists With Proprietary Software (OStatic)August 5th, 2010
  • The State of Open Source: Startup, Growth, Maturity or Decline? (Stephen O'Grady)July 27th, 2010