Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0491

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2002-0491
Last Modified 05 Sep 2008 04:28:09
Published 12 Aug 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0491

Summary

admin.php in AlGuest 1.0 guestbook checks for the existence of the admin cookie to authenticate the AlGuest administrator, which allows remote attackers to bypass the authentication and gain privileges by setting the admin cookie to an arbitrary value.

Vulnerable Systems

Application

  • Alguest 1.0


References

BID - 4355

BUGTRAQ - 20020324 Cookie vulnerability in Alguest guestbook (PHP)

XF - alguest-php-admin-access(8623)


Last Updated: 27 May 2016 10:36:56