Tachyondecay VSNS Lemon Authentication Bypass Vulnerability
BID:17396
Info
Tachyondecay VSNS Lemon Authentication Bypass Vulnerability
| Bugtraq ID: | 17396 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 06 2006 12:00AM |
| Updated: | Apr 07 2006 05:48PM |
| Credit: | Aliaksandr Hartsuyeu is credited with the discovery of this vulnerability. |
| Vulnerable: |
Tachyondecay.net VSNS Lemon 3.2 |
| Not Vulnerable: | |
Discussion
Tachyondecay VSNS Lemon Authentication Bypass Vulnerability
VSNS Lemon is prone to an authentication-bypass vulnerability. The issue occurs because the affected scripts fail to properly validate cookie data.
An attacker can exploit this issue to bypass authentication and gain access to sensitive information. This could aid in further attacks on the affected computer.
VSNS Lemon is prone to an authentication-bypass vulnerability. The issue occurs because the affected scripts fail to properly validate cookie data.
An attacker can exploit this issue to bypass authentication and gain access to sensitive information. This could aid in further attacks on the affected computer.
Exploit / POC
Tachyondecay VSNS Lemon Authentication Bypass Vulnerability
This issue can be exploited through a web client.
This issue can be exploited through a web client.
Solution / Fix
Tachyondecay VSNS Lemon Authentication Bypass Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
References
Tachyondecay VSNS Lemon Authentication Bypass Vulnerability
References:
References:
- VSNS Lemon Multiple Vulnerabilities (Aliaksandr Hartsuyeu)
- VSNS Lemon Web Site (Tachyondecay)