Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0744

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2005-0744
Last Modified 05 Sep 2008 04:47:11
Published 02 May 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0744

Summary

The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers to hijack sessions and gain administrator privileges by (1) sniffing the connection on TCP port 51100 and replaying the authentication information or (2) obtaining and replaying the PCZQX02 authentication cookie from the browser.

Vulnerable Systems

Application

  • Novell Ichain 2.2

  • Novell Ichain 2.3


References

CONFIRM - http://support.novell.com/cgi-bin/search/searchtid.cgi?/10096885.htm

SECUNIA - 14527

XF - ichain-gain-access(19646)

SECTRACK - 1013406


Last Updated: 27 May 2016 10:39:54