admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2004/CVE-2004-1219.md
0xMarcio 48a00929ac Removed duplicates
2024-06-18 02:51:15 +02:00

19 lines
830 B
Markdown
Raw Blame History

### [CVE-2004-1219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1219)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
paFileDB 3.1, when using sessions authentication and while the administrator logs on, allows remote attackers to read the administrator's password hash and conduct brute force password guessing attacks by listing the contents of the sessions directory and reading the associated file for the administrator session.
### POC
#### Reference
- http://echo.or.id/adv/adv09-y3dips-2004.txt
- http://marc.info/?l=bugtraq&m=110245123927025&w=2
#### Github
No PoCs found on GitHub currently.
Reference in New Issue View Git Blame Copy Permalink