CVE-2001-0972

Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888."
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:surf-net:asp_forum:*:*:*:*:*:*:*:*
cpe:2.3:a:surf-net:asp_forum:2.20:*:*:*:*:*:*:*

History

No history.

Information

Published : 2001-08-31 04:00

Updated : 2024-02-28 10:24


NVD link : CVE-2001-0972

Mitre link : CVE-2001-0972

CVE.ORG link : CVE-2001-0972


JSON object : View

Products Affected

surf-net

  • asp_forum