Lucene search
MitreCVELIST:CVE-2011-0887HistoryFeb 08, 2011 - 9:00 p.m.
CVE-2011-0887
2011-02-0821:00:00
mitre
www.cve.org
2
The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie.
References
seclists.org/bugtraq/2011/Feb/36
secunia.com/advisories/43199
securityreason.com/securityalert/8068
www.exploit-db.com/exploits/16123/
www.securityfocus.com/archive/1/516205/100/0/threaded
www.securityfocus.com/bid/46215
exchange.xforce.ibmcloud.com/vulnerabilities/65186
www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt
Related
cve
cve
CVE-2011-0887
2011-02-08 22:00:02
prion
prion
Design/Logic Flaw
2011-02-08 22:00:00
nvd
nvd
CVE-2011-0887
2011-02-08 22:00:02
packetstorm
packetstorm
Comcast DOCSIS 3.0 Business Gateways XSRF / Session Management
2011-02-05 00:00:00
exploitdb
exploitdb
Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities
2011-02-06 00:00:00
seebug
seebug
Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities
2014-07-01 00:00:00
securityvulns
securityvulns
exploitpack
exploitpack
Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities
2011-02-06 00:00:00
zdt
zdt
Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities
2011-02-06 00:00:00