CVE-2011-1035 Information

Description

The password reset in PivotX before 2.2.4 allows remote attackers to modify the passwords of arbitrary users via unspecified vectors.

Reference

http://blog.pivotx.net/2011-02-16/pivotx-225-released http://forum.pivotx.net/viewtopic.php?f=2&t=1961 http://forum.pivotx.net/viewtopic.php?f=2&t=1967 http://forum.pivotx.net/viewtopic.php?p=10639p10639 http://osvdb.org/70935 http://secunia.com/advisories/43417 http://www.kb.cert.org/vuls/id/175068 http://www.securityfocus.com/bid/46463 http://www.vupen.com/english/advisories/2011/0445 https://exchange.xforce.ibmcloud.com/vulnerabilities/65539