Arbitrary Account Deletion Vulnerability in Domain Technologie Control (DTC)

Arbitrary Account Deletion Vulnerability in Domain Technologie Control (DTC)

CVE-2011-0437 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

shared/inc/sql/ssh.php in the SSH accounts management implementation in Domain Technologie Control (DTC) before 0.32.9 allows remote authenticated users to delete arbitrary accounts via the edssh_account parameter in a deletesshaccount Delete action.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.