Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6131

Overview

Vulnerability Score 6.0 6.0
CVE Id CVE-2008-6131
Last Modified 19 Aug 2009 01:23:10
Published 13 Feb 2009 01:30:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2008-6131

Summary

Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.

Vulnerable Systems

Application

  • Mozilowiki 0.10

  • Mozilowiki 0.7

  • Mozilowiki 0.8

  • Mozilowiki 0.9

  • Mozilowiki 1.0.0

  • Mozilowiki 1.0.1


References

XF - mozilowiki-phpsessid-session-hijacking(45528)

BID - 31493

CONFIRM - http://wiki.mozilo.de/index.php?page=Changelog

SECUNIA - 32024

BUGTRAQ - 20080930 [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues


Last Updated: 27 May 2016 10:49:04