Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1283

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2009-1283
Last Modified 10 Apr 2009 12:00:00
Published 09 Apr 2009 12:27:57
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-1283

Summary

glFusion before 1.1.3 performs authentication with a user-provided password hash instead of a password, which allows remote attackers to gain privileges by obtaining the hash and using it in the glf_password cookie, aka "User Masquerading." NOTE: this can be leveraged with a separate SQL injection vulnerability to steal hashes.

Vulnerable Systems

Application

  • Glfusion 1.0.0

  • Glfusion 1.0.1

  • Glfusion 1.0.2

  • Glfusion 1.1.0

  • Glfusion 1.1.1

  • Glfusion 1.1.2


References

CONFIRM - http://www.glfusion.org/article.php/glfusion113

MILW0RM - 8347

CONFIRM - http://www.glfusion.org/wiki/doku.php?id=glfusion:whatsnew

SECUNIA - 34575

MISC - http://retrogod.altervista.org/9sg_glfuso_sql_cookies.html

BUGTRAQ - 20090403 glFusion <= 1.1.2 COM_applyFilter()/cookies remote blind sql


Last Updated: 27 May 2016 10:50:31