Cahier de Texte Index.php Security Restriction Bypass Vulnerability

Bugtraq ID:	21778
Class:	Design Error
CVE:
Remote:	Yes
Local:	No
Published:	Aug 07 2006 12:00AM
Updated:	Jan 04 2007 06:26PM
Credit:	DarkFig has been credited with the discovery of this vulnerability.
Vulnerable:	Cahier de textes Cahier de textes 2.2
Not Vulnerable:

Cahier de Texte Index.php Security Restriction Bypass Vulnerability

Cahier de Texte prone to a vulnerability that lets attackers bypass security restrictions.

This issue occurs due to a design error when the application validates session cookies.

An attacker can exploit this issue to gain unauthorized access to the administrative functions of the vulnerable application. Other attacks may also possible.

Version 2.2 is vulnerable to this issue; other versions may also be affected.

Cahier de Texte Index.php Security Restriction Bypass Vulnerability

The following exploit code is available:

• /data/vulnerabilities/exploits/21778.txt

Cahier de Texte Index.php Security Restriction Bypass Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].

Cahier de Texte Index.php Security Restriction Bypass Vulnerability

References:

• Cahier de textes Homepage (Cahier de textes)
  
• Cahier de texte V2.2 Bypass general access (DarkFig)