CVE-2001-1535

Slashcode 2.0 creates new accounts with an 8-character random password, which could allow local users to obtain session ID’s from cookies and gain unauthorized access via a brute force attack.

Date published : 2005-07-14

http://www.securityfocus.com/bid/3519

http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html