Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1245

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-1245
Last Modified 05 Sep 2008 04:36:25
Published 31 Dec 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1245

Summary

index2.php in Mambo 4.0.12 allows remote attackers to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie.

Vulnerable Systems


References

BID - 6926

XF - mambo-sessionid-gain-privileges(11398)

BUGTRAQ - 20030224 Mambo SiteServer exploit gains administrative privileges


Last Updated: 27 May 2016 10:38:17