Vulnerabilities > CVE-2002-0539 - SQL Injection vulnerability in Demarc PureSecure Authentication Check

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

demarc-security

critical

exploit available

NVD

Published: 2002-07-03

Updated: 2008-09-05

Summary

Demarc PureSecure 1.05 allows remote attackers to gain administrative privileges via a SQL injection attack in a session ID that is stored in the s_key cookie.

Vulnerable Configurations

Part	Description	Count
Application	Demarc_Security Demarc Security Puresecure 1.0.5_For_Unix Demarc Security Puresecure 1.0.5_For_Windows	2

Exploit-Db

description	Demarc PureSecure 1.0.5 Authentication Check SQL Injection Vulnerability. CVE-2002-0539. Remote exploits for multiple platform
id	EDB-ID:21384
last seen	2016-02-02
modified	2002-04-15
published	2002-04-15
reporter	pokleyzz sakamaniaka
source	https://www.exploit-db.com/download/21384/
title	Demarc PureSecure 1.0.5 - Authentication Check SQL Injection Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References