2 matches found
SYMSA-2006-005
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID : SYMSA-2006-005 Advisory Title: Lanap CAPTCHA bypass exposure Author : Michael White, [email protected] and Graham Murphy, [email protected]...
CVE-2006-2918
The Lanap BotDetect ASP.NET CAPTCHA component (pre-1.5.4.0) stores the CAPTCHA UUID and hash in the ViewState, allowing a remote attacker to replay a known ViewState and bypass the CAPTCHA. Symantec advisory SYMSA-2006-005 confirms the bypass and notes the vendor fixed the issue in BotDetect ASP....