Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0350

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-0350
Last Modified 15 Sep 2009 01:10:56
Published 17 Jan 2008 07:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0350

Summary

admin/index.php in Evilsentinel 1.0.9 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to gain administrative privileges and make arbitrary configuration changes.

Vulnerable Systems

Application

  • Evilsentinel 1.0.9


References

SECUNIA - 28427

BID - 27227

MILW0RM - 4884

CONFIRM - http://evilsentinel.altervista.org/forum/index.php?topic=49.0


Last Updated: 27 May 2016 10:46:46