CVE-2005-4448

FlatNuke 2.5.6 verifies authentication credentials based on an MD5 checksum of the admin name and the hashed password rather than the plaintext password, which allows attackers to gain privileges by obtaining the password hash (possibly via CVE-2005-2813), then calculating the credentials and including them in the secid cookie.

Score10.0
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactCOMPLETE
Integrity ImpactCOMPLETE
Availability ImpactCOMPLETE
Published2005-12-21 06:03:00.000-05
Last Modified2017-07-19 09:29:15.000-04

Vulnerable Software List

VendorProductVersions
Flatnuke Flatnuke 2.5.6

References

SourceLink
MISChttp://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78&view=markup
SECTRACK1015339
BUGTRAQ20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit
BID15796
XFflatnuke-multiple-obtain-information(22159)