4 matches found
Novell EDirectory DHOST Predictable Session Cookie
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell eDirectory DHOST Predictable Session Cookie', 'Description' = %q This module is able to predict the next session cookie value issued by th...
CVE-2009-4655
creationtimestamp| type| source ---|---|--- 2010-03-14 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33767 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/edirectory/edirectorydhostcookie.rb 2025-02-06...
CVE-2009-4655
CVE-2009-4655 affects Novell eDirectory 8.8.5 DHOST web service, which uses a predictable session cookie that can enable session hijacking by a remote attacker. The PacketStorm/MSF and Nessus/OpenVAS entries corroborate a cookie-based hijack vector tied to DHost. Evidence notes the vulnerability ...
Novell eDirectory DHOST Predictable Session Cookie
This module is able to predict the next session cookie value issued by the DHOST web service of Novell eDirectory 8.8.5. An attacker can run this module, wait until the real administrator logs in, then specify the predicted cookie value to hijack their session. This module requires Metasploit:...