CVE-2010-3905

Priority
High
Description
The password reset feature in the administrator interface for Eucalyptus
2.0.0 and 2.0.1 does not perform authentication, which allows remote
attackers to gain privileges by sending password reset requests for other
users.
References
Bugs
Assigned-to
kees
Package
Upstream:pending (2.0.2)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 11.04 (Natty Narwhal):released (2.0.1+bzr1255-0ubuntu1)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:21:30 UTC (commit 5347)