Re: CVE-2016-2313 fix wrong

2016-08-31 Thread Emilio Pozuelo Monfort
On 29/07/16 20:05, Emilio Pozuelo Monfort wrote: > On 28/07/16 14:59, Matus UHLAR - fantomas wrote: >>> On 28/07/16 13:35, Matus UHLAR - fantomas wrote: I believe the fix for CVE-2016-2313 in CVE-2016-2313-authentication-bypass.patch is invalid. >> >> On 28.07.16 14:26, Emilio Pozuelo Mon

Re: CVE-2016-2313 fix wrong

2016-07-29 Thread Emilio Pozuelo Monfort
On 28/07/16 14:59, Matus UHLAR - fantomas wrote: >> On 28/07/16 13:35, Matus UHLAR - fantomas wrote: >>> I believe the fix for CVE-2016-2313 in >>> CVE-2016-2313-authentication-bypass.patch is invalid. > > On 28.07.16 14:26, Emilio Pozuelo Monfort wrote: >> Thanks for the report. I'll look at it l

Re: CVE-2016-2313 fix wrong

2016-07-28 Thread Matus UHLAR - fantomas
On 28/07/16 13:35, Matus UHLAR - fantomas wrote: I believe the fix for CVE-2016-2313 in CVE-2016-2313-authentication-bypass.patch is invalid. On 28.07.16 14:26, Emilio Pozuelo Monfort wrote: Thanks for the report. I'll look at it later today. I have posted cacti bug http://bugs.cacti.net/vie

Re: CVE-2016-2313 fix wrong

2016-07-28 Thread Emilio Pozuelo Monfort
On 28/07/16 13:35, Matus UHLAR - fantomas wrote: > Hello, > > I believe the fix for CVE-2016-2313 in > CVE-2016-2313-authentication-bypass.patch is invalid. > > Quoting the authorization settings: > > Web Basic Authentication - Authentication is handled by the web server. > Users can be added o

CVE-2016-2313 fix wrong

2016-07-28 Thread Matus UHLAR - fantomas
Hello, I believe the fix for CVE-2016-2313 in CVE-2016-2313-authentication-bypass.patch is invalid. Quoting the authorization settings: Web Basic Authentication - Authentication is handled by the web server. Users can be added or created automatically on first login if the Template User is def