Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4609

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2007-4609
Last Modified 15 Nov 2008 01:57:45
Published 30 Aug 2007 08:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4609

Summary

eyeOS uses predictable checksum values in the checknum parameter for access control, which allows remote attackers to register many accounts via doCreateUser actions, add many eyeBoard messages via addMsg actions, and cause a denial of service or conduct certain unauthorized activities, by guessing valid parameter values.

Vulnerable Systems

Operating System

  • Eyeos Project Eyeos


References

BUGTRAQ - 20070827 eyeOS checksum prediction

OSVDB - 45836

SREASON - 3081


Last Updated: 27 May 2016 10:45:54