CVE-2008-1484

NONECVSS 0.0

0.0

The password reset feature in PunBB 1.2.16 and earlier uses predictable random numbers based on the system time, which allows remote authenticated users to determine the new password via a brute force attack on a seed that is based on the approximate creation time of the targeted account. NOTE: this issue might be related to CVE-2006-5737.

🔗 References (16)

cve@mitrehttp://osvdb.org/45561
cve@mitrehttp://punbb.org/download/changelogs/1.2.16_to_1.2.17.txt
cve@mitrehttp://punbb.org/forums/viewtopic.php?id=18460
cve@mitrehttp://secunia.com/advisories/29043
cve@mitrehttp://sektioneins.de/advisories/SE-2008-01.txt
cve@mitrehttp://www.securityfocus.com/archive/1/488408/100/200/threaded
cve@mitrehttp://www.securityfocus.com/bid/27908
cve@mitrehttps://www.exploit-db.com/exploits/5165
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/45561
af854a3a-2127-422b-91ae-364da2661108http://punbb.org/download/changelogs/1.2.16_to_1.2.17.txt
af854a3a-2127-422b-91ae-364da2661108http://punbb.org/forums/viewtopic.php?id=18460
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29043
af854a3a-2127-422b-91ae-364da2661108http://sektioneins.de/advisories/SE-2008-01.txt
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/488408/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/27908

Is Your Infrastructure Affected by CVE-2008-1484?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-1484

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-1484?