Vulnerability Description
admin.php in AlGuest 1.0 guestbook checks for the existence of the admin cookie to authenticate the AlGuest administrator, which allows remote attackers to bypass the authentication and gain privileges by setting the admin cookie to an arbitrary value.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alguest | Alguest | 1.0 |
References
- http://www.iss.net/security_center/static/8623.phpVendor Advisory
- http://www.securityfocus.com/archive/1/263902Vendor Advisory
- http://www.securityfocus.com/bid/4355ExploitVendor Advisory
- http://www.iss.net/security_center/static/8623.phpVendor Advisory
- http://www.securityfocus.com/archive/1/263902Vendor Advisory
- http://www.securityfocus.com/bid/4355ExploitVendor Advisory
FAQ
What is CVE-2002-0491?
CVE-2002-0491 is a vulnerability with a CVSS score of 10.0 (HIGH). admin.php in AlGuest 1.0 guestbook checks for the existence of the admin cookie to authenticate the AlGuest administrator, which allows remote attackers to bypass the authentication and gain privilege...
How severe is CVE-2002-0491?
CVE-2002-0491 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0491?
Check the references section above for vendor advisories and patch information. Affected products include: Alguest Alguest.