Vulnerability Description
The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers to hijack sessions and gain administrator privileges by (1) sniffing the connection on TCP port 51100 and replaying the authentication information or (2) obtaining and replaying the PCZQX02 authentication cookie from the browser.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Ichain | 2.2 |
References
- http://secunia.com/advisories/14527PatchVendor Advisory
- http://securitytracker.com/id?1013406
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/10096885.htmPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19646
- http://secunia.com/advisories/14527PatchVendor Advisory
- http://securitytracker.com/id?1013406
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/10096885.htmPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19646
FAQ
What is CVE-2005-0744?
CVE-2005-0744 is a vulnerability with a CVSS score of 10.0 (HIGH). The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers to hijack sessions and gain administrator privileges by (1) sniffing the connection on TCP port 51100 and replaying the authentic...
How severe is CVE-2005-0744?
CVE-2005-0744 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0744?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Ichain.