Security Advisory

CVE-2006-3204

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-06-24 01:00:00

Last updated 2024-08-07 18:23:21

Assigner mitre

State PUBLISHED

Description

Ultimate PHP Board (UPB) 1.9.6 and earlier uses a cryptographically weak block cipher with a large key collision space, which allows remote attackers to determine a suitable decryption key given the plaintext and ciphertext by obtaining the plaintext password, which is sent when logging in, and the ciphertext, which is set in the pass_env cookie.

← Browse all CVEs View on cve.org ↗