|
|
CVE Reference: CVE-2006-0411 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-0411 |
|
|
Description: claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection time), which allows remote attackers to hijack sessions and possibly gain administrative privileges. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/24326 SAID Secunia Advisory: SA18588 BUGTRAQ http://www.securityfocus.com/archive/1/422482 BID 16341 |
|
| Return to the previous page. |
