漏洞信息详情

Polar Helpdesk基于cookie的认证系统绕过漏洞

  • CNNVD编号:CNNVD-200412-1067
  • 危害等级: 中危
  • CVE编号: CVE-2004-2736
  • 漏洞类型: 授权问题
  • 发布时间: 2004-12-31
  • 威胁类型: 远程
  • 更新时间: 2007-10-10
  • 厂        商: Polar_software
  • 漏洞来源: Discovery of this ...

漏洞简介

Polar HelpDesk 3.0存在漏洞。远程攻击者可以通过设置一个cookie中UserId和UserType的值绕过认证。

漏洞公告

It is reported that this vulnerability is addressed in the current build of Polar HelpDesk. This is not confirmed. Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com .

参考网址

来源: XF 名称: polar-helpdesk-weak-security(16778) 链接:http://xforce.iss.net/xforce/xfdb/16778 来源: BID 名称: 10775 链接:http://www.securityfocus.com/bid/10775 来源: www.securiteam.com 链接:http://www.securiteam.com/windowsntfocus/5OP0K0ADGA.html 来源: OSVDB 名称: 8168 链接:http://www.osvdb.org/8168 来源: SECUNIA 名称: 12120 链接:http://secunia.com/advisories/12120

补丁

    暂无

漏洞信息快速查询

相关漏洞

更多