CVE-2001-0972 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2001-0972

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. 0888888.

Affected Software

Name	Vendor	Start Version	End Version
Asp_forum	Surf-net	*	2.30 (including)
Asp_forum	Surf-net	2.20 (including)	2.20 (including)

References

http://marc.info/?l=bugtraq\u0026m=99834088223352\u0026w=2
http://www.securityfocus.com/bid/3210
https://exchange.xforce.ibmcloud.com/vulnerabilities/7011
http://marc.info/?l=bugtraq\u0026m=99834088223352\u0026w=2
http://www.securityfocus.com/bid/3210
https://exchange.xforce.ibmcloud.com/vulnerabilities/7011