EUVD-2001-0905

Malware in sbrugna...

Netdynamics ndcgi.exe Previous User Session Replay

Binary data 1712.prm...

Netdynamics ndcgi.exe Previous User Session Replay

The file ndcgi.exe exists on this web server. Some versions of this file are vulnerable to remote exploit. As Nessus solely relied on the existence of the ndcgi.exe file, this might be a false positive %NASLMINLEVEL 70300 This script was written by John [email protected] See the Nessus...

CVE-2001-0922

ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier versions, allows remote attackers to steal session IDs and hijack user sessions by reading the SPIDERSESSION and uniqueValue variables from the login field, then using those variables after the next user logs in...

CVE-2001-0922

The vulnerability CVE-2001-0922 affects Netdynamics ndcgi.exe (Netdynamics 4.x through 5.x, possibly earlier). The issue allows remote attackers to hijack user sessions by reading SPIDERSESSION and uniqueValue variables from the login field and then reusing them after the next user logs in, enabl...

NMRC Advisory - NetDynamics Session ID is Reusable

I N F O R M A T I O N A N A R C H Y 2 K 0 1 www.nmrc.org/InfoAnarchy Nomad Mobile Research Centre A D V I S O R Y www.nmrc.org Phuzzy L0gic [email protected] 27Nov2001 Platform : Sun Solaris Version 7, 8 Application : NetDynamics 4.x, 5.x Severity : Medium Synopsis -------- It appears that the...

Проблемы с идентификаторами сеансов в NetDynamics под Solraris (unauthorized access)

Можно получить информацию о том, какой идентификатор будет назначен пользователю. Это позволяет перехватить сеанс пользователя...

CVE-2001-0922

ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier versions, allows remote attackers to steal session IDs and hijack user sessions by reading the SPIDERSESSION and uniqueValue variables from the login field, then using those variables after the next user logs in...