4 matches found
Iomega StorCenter Pro NAS Web Authentication Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Iomega StorCenter Pro NAS Web Authentication Bypass', 'Description' = %q The Iomega StorCenter Pro Network Attached Storage device web interface...
CVE-2009-2367
The CVE-2009-2367 entry concerns the Iomega StorCenter Pro NAS web interface (cgi-bin/makecgi-pro) generating predictable session IDs. The Connected documents confirm exploitability via brute-force guessing of the session_id parameter to hijack active sessions and gain administrative access. A Me...
PT-2009-4796 · Iomega · Iomega Storcenter Pro
Name of the Vulnerable Software and Affected Versions: Iomega StorCenter Pro affected versions not specified Description: The issue allows remote attackers to hijack active sessions and gain privileges via brute force guessing attacks on the session id parameter in the "cgi-bin/makecgi-pro"...
Iomega StorCenter Pro NAS Web Authentication Bypass
The Iomega StorCenter Pro Network Attached Storage device web interface increments sessions IDs, allowing for simple brute force attacks to bypass authentication and gain administrative access. This module requires Metasploit: https://metasploit.com/download Current source:...