Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1058

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2002-1058
Last Modified 05 Sep 2008 04:29:40
Published 04 Oct 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1058

Summary

Directory traversal vulnerability in splashAdmin.php for Cobalt Qube 3.0 allows local users and remote attackers, to gain privileges as the Qube Admin via .. (dot dot) sequences in the sessionId cookie that point to an alternate session file.

Vulnerable Systems

Application

  • Cobalt Qube 3.0


References

BID - 5297

XF - cobalt-qube-admin-access(9669)

BUGTRAQ - 20020723 Cobalt Qube 3 Administration page


Last Updated: 27 May 2016 10:37:10