CVE-2006-5737 Information

Description

PunBB uses a predictable cookie_seed value that can be derived from the time of registration of the superadmin account (installation time) which might allow local users to perform unauthorized actions.

Reference

http://securitytracker.com/id?1017131 http://www.osvdb.org/30134 http://www.securityfocus.com/archive/1/450055/100/0/threaded http://www.wargan.org/index.php/2006/10/29/4-punbb-1213-multiple-vulnerabilities