CVE-2009-1283 Information
Feb 14, 2021
Description
glFusion before 1.1.3 performs authentication with a user-provided password hash instead of a password, which allows remote attackers to gain privileges by obtaining the hash and using it in the glf_password cookie, aka "User Masquerading." NOTE: this can be leveraged with a separate SQL injection vulnerability to steal hashes.
Reference
http://marc.info/?l=bugtraq&m=123877379105028&w=2
http://retrogod.altervista.org/9sg_glfuso_sql_cookies.html
http://secunia.com/advisories/34575
http://www.glfusion.org/article.php/glfusion113
http://www.glfusion.org/wiki/doku.php?id=glfusion:whatsnew
https://www.exploit-db.com/exploits/8347