CVE-2006-0864 Information

Description

filescan in Global Hauri ViRobot 2.0 20050817 does not verify the Cookie HTTP header which allows remote attackers to gain administrative privileges via an arbitrary cookie value.

Reference

http://secunia.com/advisories/18974 http://securitytracker.com/id?1015658 http://www.securityfocus.com/archive/1/425788/100/0/threaded http://www.securityfocus.com/bid/16768 http://www.vupen.com/english/advisories/2006/0691 http://x82.inetcop.org/h0me/adv1sor1es/INCSA.2006-0x82-028-VIROBOT.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/24850