Simple Machines Forum PHPSessionID Session Fixation Vulnerability
TITLE: Simple Machines Forum PHPSessionID Session Fixation Vulnerability
CLASS: Design Error
CVE:
REMOTE: Yes
LOCAL: No
PUBLISHED: Jun 14 2007 12:00AM
UPDATE: Jun 15 2007 05:19AM
CREDIT: David Vieira-Kurz is credited with the discovery of this vulnerability.
VULNERABLE:
Simple Machines SMF 1.1.2NOT VULNERABLE:
Vai alla pagina originale su Security Focus
Discussion
Simple Machines Forum is prone to a session-fixation vulnerability.
An attacker can exploit this issue to gain unauthorized access to the affected application.
NOTE: This issue can be exploited only if "session.use_transid" is enabled in the 'php.ini' file.
Simple Machines Forum 1.1.2 is vulnerable; other versions may also be affected.
Exploit
To exploit this issue, an attacker must entice an unsuspecting user to follow a malicious URI. Then, the attacker can use a browser to gain unauthorized access to a vulnerable application.
Solution
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:vuldb@securityfocus.com.
References
References:
- Simple Machines SMF Homepage (Simple Machines)
- [MajorSecurity Advisory #47]Simple Machines Forum (SMF) - Session fixation Issue (MajorSecurity)
- Re: [MajorSecurity Advisory #47]Simple Machines Forum (SMF) - (nobody@domain.com)