Improper User Identification in Cobalt RaQ Products by Cobalt Networks
CVE-1999-1530

Currently unrated

Key Information:

Vendor: Oracle
Status: Cobalt Raq 3i; Cobalt Raq 2
Vendor: CVE Published:; 8 November 1999

Summary

The cgiwrap utility utilized by Cobalt RaQ 2.0 and RaQ 3i fails to correctly establish user identification, granting potential access for a malicious site administrator to view or alter data from another virtual site hosted on the same server. This vulnerability exposes sensitive information and can lead to unauthorized data manipulation, placing multiple sites at risk of exploitation.

References

http://www.securityfocus.com/bid/777

vdb-entryx_refsource_BID

http://www.iss.net/security_center/static/7764.php

vdb-entryx_refsource_XF

http://www.osvdb.org/35

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Nov 8, 1999