CVE-2005-4689

CVE-2005-4689

EPSS 1.2%

Six Apart Movable Type 3.16 stores account names and password hashes in a cookie, which allows remote attackers to login to an account by sniffing the cookie.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0091.html http://www.sixapart.com/movabletype/docs/3.2/h_changelog/3_2.html