MidnightBSD

Advisories for surf-net

CVE-2001-0972 HIGH

Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
surf-net asp_forum 2.20
surf-net asp_forum *