Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0944

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0944
Last Modified 07 Mar 2011 09:31:25
Published 28 Feb 2006 09:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0944

Summary

Archangel Weblog 0.90.02 allows remote attackers to bypass authentication by setting the ba_admin cookie to 1.

Vulnerable Systems

Application

  • Archangelmgt Weblog 0.90.02


References

XF - archangel-admin-auth-bypass(24984)

BUGTRAQ - 20060226 Archangel Weblog 0.90.02 Admin Authentication Bypass & Remote File Inclusion

BID - 16848

OSVDB - 23620

MILW0RM - 3859

SECTRACK - 1015689

XF - archangel-get-gain-access(24984)


Last Updated: 27 May 2016 10:42:34