Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 9.0
CVE Id CVE-2007-6237
Last Modified 05 Sep 2008 05:32:44
Published 04 Dec 2007 01:46:00
Confidentiality Impact COMPLETE
Integrity Impact COMPLETE
Availability Impact COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2007-6237

Summary

cp.php in DeluxeBB 1.09 does not verify that the membercookie parameter corresponds to the authenticated member during a profile update, which allows remote authenticated users to change the e-mail addresses of arbitrary accounts via a modified membercookie parameter, a different vector than CVE-2006-4078. NOTE: this can be leveraged for administrative access by requesting password-reset e-mail through a lostpw action to misc.php.

Vulnerable Systems

Application

  • DeluxeBB 1.09

References

BUGTRAQ - 20071126 DeluxeBB E-Mail Address Change Security Bypass

SECUNIA - 27794

BID - 26572

SREASON - 3416


Last Updated: 27 May 2016 10:46:25