Geeklog lib-sessions.php Session Handling Authentication Bypass

2006-03-05T03:48:42
ID OSVDB:23703
Type osvdb
Reporter OSVDB
Modified 2006-03-05T03:48:42

Description

Solution Description

Upgrade to version 1.4.0sr2, 1.3.11sr5, 1.3.9sr5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor Specific News/Changelog Entry: http://www.geeklog.net/article.php/geeklog-1.4.0sr2 FrSIRT Advisory: ADV-2006-0851