No description provided by source.
source: http://www.securityfocus.com/bid/3784/info VitalNet is part of Lucent's VitalSuite SP product family. VitalNet allows users to monitor, analyze, manage and predict the performance of their network infrastructure. The implementation of VitalNet's cookie-based authentication mechanism is flawed. An attacker who successfully guesses a correct username can gain access to the server without need of a valid password. http://<serverip>/cgi-bin/VsSetCookie.exe?vsuser=<user_name>