Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.147 views

Novell EDirectory DHOST Predictable Session Cookie

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell eDirectory DHOST Predictable Session Cookie', 'Description' = %q This module is able to predict the next session cookie value issued by th...

7.5CVSS7AI score0.49864EPSS
Exploits3
Circl
Circl
added 2010/03/14 12:0 a.m.15 views

CVE-2009-4655

creationtimestamp| type| source ---|---|--- 2010-03-14 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33767 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/edirectory/edirectorydhostcookie.rb 2025-02-06...

7.5CVSS5AI score0.49864EPSS
Exploits3References2
CVE
CVE
added 2010/02/26 6:9 p.m.58 views

CVE-2009-4655

CVE-2009-4655 affects Novell eDirectory 8.8.5 DHOST web service, which uses a predictable session cookie that can enable session hijacking by a remote attacker. The PacketStorm/MSF and Nessus/OpenVAS entries corroborate a cookie-based hijack vector tied to DHost. Evidence notes the vulnerability ...

7.5CVSS6.8AI score0.49864EPSS
Exploits3References4Affected Software1
Metasploit
Metasploit
added 2009/11/13 9:31 p.m.22 views

Novell eDirectory DHOST Predictable Session Cookie

This module is able to predict the next session cookie value issued by the DHOST web service of Novell eDirectory 8.8.5. An attacker can run this module, wait until the real administrator logs in, then specify the predicted cookie value to hijack their session. This module requires Metasploit:...

7.5CVSS7AI score0.49864EPSS
Exploits3
Rows per page
Query Builder