7 lines
No EOL
493 B
Text
7 lines
No EOL
493 B
Text
source: http://www.securityfocus.com/bid/3784/info
|
|
|
|
VitalNet is part of Lucent's VitalSuite SP product family. VitalNet allows users to monitor, analyze, manage and predict the performance of their network infrastructure.
|
|
|
|
The implementation of VitalNet's cookie-based authentication mechanism is flawed. An attacker who successfully guesses a correct username can gain access to the server without need of a valid password.
|
|
|
|
http://<serverip>/cgi-bin/VsSetCookie.exe?vsuser=<user_name> |