Candidate: CVE-2012-1104
PublicDate: 2019-12-05 18:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1104
 http://seclists.org/oss-sec/2012/q1/551
 https://github.com/glpi-project/glpi/commit/5dffb63202cbca6386323bab3a8bbed925ea605c#diff-ca9fae6b62e0dd98fccaff6483d379f6
Description:
 A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the
 jasig project due to the way proxying of services are managed.
Ubuntu-Description:
Notes:
 sbeattie> fixed in php-cas 1.3.0
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662944
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662945
 https://issues.jasig.org/browse/PHPCAS-69
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N [5.3 MEDIUM]

Patches_glpi:
upstream_glpi: released (0.84)
hardy_glpi: ignored (reached end-of-life)
lucid_glpi: ignored (reached end-of-life)
maverick_glpi: ignored (reached end-of-life)
natty_glpi: ignored (reached end-of-life)
oneiric_glpi: ignored (reached end-of-life)
precise_glpi: ignored (reached end-of-life)
precise/esm_glpi: DNE (precise was needs-triage)
quantal_glpi: ignored (reached end-of-life)
raring_glpi: ignored (reached end-of-life)
saucy_glpi: ignored (reached end-of-life)
trusty_glpi: not-affected (0.84.3+dfsg.1-1)
trusty/esm_glpi: DNE (trusty was not-affected [0.84.3+dfsg.1-1])
utopic_glpi: ignored (reached end-of-life)
vivid_glpi: ignored (reached end-of-life)
vivid/stable-phone-overlay_glpi: DNE
vivid/ubuntu-core_glpi: DNE
wily_glpi: ignored (reached end-of-life)
xenial_glpi: not-affected (0.84.3+dfsg.1-1)
yakkety_glpi: not-affected (0.84.3+dfsg.1-1)
zesty_glpi: DNE
artful_glpi: DNE
bionic_glpi: DNE
cosmic_glpi: DNE
devel_glpi: DNE

Patches_moodle:
upstream_moodle: released (2.2.7.dfsg-1)
hardy_moodle: ignored (reached end-of-life)
lucid_moodle: ignored (reached end-of-life)
maverick_moodle: ignored (reached end-of-life)
natty_moodle: ignored (reached end-of-life)
oneiric_moodle: ignored (reached end-of-life)
precise_moodle: ignored (reached end-of-life)
precise/esm_moodle: DNE (precise was needs-triage)
quantal_moodle: ignored (reached end-of-life)
raring_moodle: ignored (reached end-of-life)
saucy_moodle: ignored (reached end-of-life)
trusty_moodle: not-affected (2.5.4-1ubuntu1)
trusty/esm_moodle: DNE (trusty was not-affected [2.5.4-1ubuntu1])
utopic_moodle: ignored (reached end-of-life)
vivid_moodle: ignored (reached end-of-life)
vivid/stable-phone-overlay_moodle: DNE
vivid/ubuntu-core_moodle: DNE
wily_moodle: ignored (reached end-of-life)
xenial_moodle: not-affected (2.5.4-1ubuntu1)
yakkety_moodle: ignored (reached end-of-life)
zesty_moodle: ignored (reached end-of-life)
artful_moodle: ignored (reached end-of-life)
bionic_moodle: not-affected (2.5.4-1ubuntu1)
cosmic_moodle: not-affected (2.5.4-1ubuntu1)
devel_moodle: not-affected (2.5.4-1ubuntu1)