{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-01-10T00:00:00", "descriptions": [{"lang": "en", "value": "Geeklog 1.3 allows remote attackers to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2002-03-22T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "geeklog-modify-auth-cookie(7869)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/7869.php"}, {"name": "3844", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/3844"}, {"name": "20020110 Cookie modification allows unauthenticated user login in Geeklog 1.3", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://online.securityfocus.com/archive/1/249443"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://geeklog.sourceforge.net/index.php?topic=Security"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0097", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Geeklog 1.3 allows remote attackers to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "geeklog-modify-auth-cookie(7869)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7869.php"}, {"name": "3844", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3844"}, {"name": "20020110 Cookie modification allows unauthenticated user login in Geeklog 1.3", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/249443"}, {"name": "http://geeklog.sourceforge.net/index.php?topic=Security", "refsource": "CONFIRM", "url": "http://geeklog.sourceforge.net/index.php?topic=Security"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:35:17.582Z"}, "title": "CVE Program Container", "references": [{"name": "geeklog-modify-auth-cookie(7869)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "http://www.iss.net/security_center/static/7869.php"}, {"name": "3844", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/3844"}, {"name": "20020110 Cookie modification allows unauthenticated user login in Geeklog 1.3", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://online.securityfocus.com/archive/1/249443"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://geeklog.sourceforge.net/index.php?topic=Security"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0097", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-03-15T00:00:00", "dateUpdated": "2024-08-08T02:35:17.582Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:geeklog:geeklog:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2EE5B106-CE02-4864-A1FB-B18F66876383", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Geeklog 1.3 allows remote attackers to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account."}, {"lang": "es", "value": "Geeklog 1.3 permite al atacante remoto la apropiaci\u00f3n de cuentas de usuario, incluyendo cuentas del administrador, mediante la modificaci\u00f3n del identificador de usuario (UID) de una 'cookie' permanente implantada en la cuenta atacada."}], "id": "CVE-2002-0097", "lastModified": "2024-11-20T23:38:18.247", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-03-25T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://geeklog.sourceforge.net/index.php?topic=Security"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://online.securityfocus.com/archive/1/249443"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.iss.net/security_center/static/7869.php"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3844"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://geeklog.sourceforge.net/index.php?topic=Security"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://online.securityfocus.com/archive/1/249443"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.iss.net/security_center/static/7869.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3844"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}