Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3435

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3435
Last Modified 07 Mar 2011 09:26:31
Published 02 Nov 2005 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3435

Summary

admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by obtaining the password hash for another user, for example through another Newsworld vulnerability, and specifying the hash in the pwd argument.

Vulnerable Systems

Application

  • Archilles Newsworld 1.3.0


References

XF - newsworld-adminnews-bypass-authentication(22860)

SECUNIA - 17310

BUGTRAQ - 20051021 aRCHILLES Newsworld < 1.5.0-rc1 Multiple Vulnerabilities


Last Updated: 27 May 2016 10:40:56