Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
| GEN:SID | 1:2243 |
| Message | WEB-MISC ndcgi.exe access |
| Summary | This event is generated when an attempt is made to access the web CGI application ndcgi.exe. |
| Impact | Session hijacking. Unauthorized access to resources. |
| Detailed Information | Certain versions of the Netdynamics web application give an attacker the opportunity to steal session IDs and hijack user sessions using the information contained in the SPIDERSESSION and uniqueValue variables. |
| Affected Systems | Netdynamics 4.x through 5.x |
| Attack Scenarios | The attacker can gain the information necessary to log in using valid user credentials by reading the information contained in the SPIDERSESSION and uniqueValue variables. |
| Ease of Attack | Simple. |
| Corrective Action | Upgrade to the latest non-affected version of the software. |
| Additional References | |
| Rule References | bugtraq: 3583; cve: 2001-0922; nessus: 11730 |
--