Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888."
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2002-02-02T05:00:00
Updated: 2024-08-08T04:37:06.908Z
Reserved: 2002-01-31T00:00:00
Link: CVE-2001-0972
Vulnrichment
No data.
NVD
Status : Modified
Published: 2001-08-31T04:00:00.000
Modified: 2024-11-20T23:36:34.050
Link: CVE-2001-0972
Redhat
No data.