Vulnerabilities > CVE-2006-0153 - Authentication Bypass vulnerability in 427BB
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
427BB 2.2 and 2.2.1 verifies authentication credentials based on the username, authenticated, and usertype cookies, which allows remote attackers to bypass authentication by using a valid username and usertype and setting the authenticated cookie.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | 427BB 2.2 Authentication Bypass Vulnerability. CVE-2006-0153. Webapps exploit for php platform |
id | EDB-ID:27054 |
last seen | 2016-02-03 |
modified | 2006-01-09 |
published | 2006-01-09 |
reporter | Aliaksandr Hartsuyeu |
source | https://www.exploit-db.com/download/27054/ |
title | 427BB 2.2 - Authentication Bypass Vulnerability |
References
- http://evuln.com/vulns/18/summary.html
- http://secunia.com/advisories/18354
- http://www.osvdb.org/22274
- http://www.securityfocus.com/archive/1/421326/100/0/threaded
- http://www.securityfocus.com/bid/16178
- http://www.vupen.com/english/advisories/2006/0091
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24038