SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  ownCloud pre-signed URL Authentication Bypass 1

Category: WEB-ATTACKS      

An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known, and the victim has no signing-key configured. Hit to this signature may indicate a possible attempt to access ownCloud instance, using pre-signed URL, by exploiting this vulnerability. If no signing-key is configured in ownCloud or access using pre-signed URL is unexpected then consider blocking this signature.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2342


Relevant Information