Vulnerabilities > CVE-2006-0440 - Unspecified vulnerability in Text Rider Text Rider 2.4

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

text-rider

NVD

Published: 2006-01-26

Updated: 2018-10-19

Summary

Text Rider 2.4 allows attackers to bypass authentication and upload files without providing a valid password by obtaining the MD5 hash of the password (possibly via another vulnerability that reads it from a data file), then including the hash in a cookie.

Vulnerable Configurations

Part	Description	Count
Application	Text_Rider Text Rider Text Rider 2.4	1

References

http://evuln.com/vulns/46/summary.html
http://securitytracker.com/id?1015533
http://www.securityfocus.com/archive/1/423130/100/0/threaded