CVE-2010-2270

Description

Accoria Web Server (aka Rock Web Server) 1.4.7 uses a predictable httpmod-sessionid cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie.

Affected products

• accoria / rock_web_server1.4.7 – 1.4.7

References

• MISChttp://www.ioactive.com/pdfs/AccoriaWebServer.pdf
• MISChttp://www.kb.cert.org/vuls/id/245081