CVE-2005-0744

4 documents4 sources
Severity
10.0CRITICAL
EPSS
0.3%
top 48.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Novell Ichain
Timeline
PublishedMay 2
Latest updateMay 1

Description

The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers to hijack sessions and gain administrator privileges by (1) sniffing the connection on TCP port 51100 and replaying the authentication information or (2) obtaining and replaying the PCZQX02 authentication cookie from the browser.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDnovell/ichain2.2, 2.3+1

Patches

Patch: secunia.comPatch: support.novell.comPatch: secunia.com

🔴Vulnerability Details

2
GHSA
GHSA-2fqr-9mfm-jj9x: The web GUI for Novell iChain 22022-05-01
CVEList
CVE-2005-0744: The web GUI for Novell iChain 22005-03-13
CVE-2005-0744 (CRITICAL CVSS 10) | The web GUI for Novell iChain 2.2 a | cvebase.io