← back
CVE-2001-1534

CVE-2001-1534

EPSS 0.7%
mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.htmlhttp://www.iss.net/security_center/static/7494.phphttp://www.securityfocus.com/bid/3521