NuytsTech Security

CVE-2007-4419

by ·

Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3_AutoLogin authentication cookie, which makes it easier for remote attackers to guess the cookie and access the Admin area.

Date published : 2007-08-18

http://www.securityfocus.com/bid/25343

http://www.securityfocus.com/archive/1/476760/100/0/threaded

Tags: