Candidate: CVE-2010-1670
PublicDate: 2010-07-06 17:17:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1670
 http://wiki.mahara.org/Release_Notes/1.0.15
 http://wiki.mahara.org/Release_Notes/1.1.9
 http://wiki.mahara.org/Release_Notes/1.2.5
Description:
 Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 has
 improper configuration options for authentication plugins associated with
 logins that use the single sign-on (SSO) functionality, which allows remote
 attackers to bypass authentication via an empty password.  NOTE: some of
 these details are obtained from third party information.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_mahara:
 debdiff: https://bugs.launchpad.net/ubuntu/+source/mahara/+bug/602772
upstream_mahara: released (1.0.15,1.1.9,1.2.5)
dapper_mahara: DNE
hardy_mahara: DNE
jaunty_mahara: released (1.0.9-2ubuntu0.7)
karmic_mahara: released (1.1.5-1ubuntu0.3)
lucid_mahara: released (1.2.4-1ubuntu0.1)
devel_mahara: released (1.2.5-2)