CVE-2005-4689

CVE-2005-4689

EPSS 1.2%

Six Apart Movable Type 3.16 stores account names and password hashes in a cookie, which allows remote attackers to login to an account by sniffing the cookie.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0091.html http://www.sixapart.com/movabletype/docs/3.2/h_changelog/3_2.html