CVE-2002-0096

Published: Mar 25, 2002Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

The installation of Geeklog 1.3 creates an extra group_assignments record which is not properly deleted, which causes the first newly created user to be added to the GroupAdmin and UserAdmin groups, which could provide that user with administrative privileges that were not intended.

Affected (1)

Products: Geeklog: Geeklog

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Geeklog Geeklog	Version 1.3

References (8)

http://geeklog.sourceforge.net/index.php?topic=Security

Source: cve@mitre.org

http://www.iss.net/security_center/static/7780.php

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/archive/1/248367

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/3783

Source: cve@mitre.org

PatchVendor Advisory

http://geeklog.sourceforge.net/index.php?topic=Security

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.iss.net/security_center/static/7780.php

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/archive/1/248367

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/3783

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.