Predictable Checksum Vulnerability in eyeOS Affects User Account Registration
CVE-2007-4609

Currently unrated

Key Information:

Vendor: Eyeos Project
Status: Eyeos
Vendor: CVE Published:; 31 August 2007

🔔 Create Eyeos Project Vulnerability Alert

What is CVE-2007-4609?

The vulnerability in eyeOS arises from the usage of predictable checksum values within the checknum parameter, which can be exploited by remote attackers. This flaw permits attackers to register multiple unauthorized user accounts through the doCreateUser actions and to post numerous eyeBoard messages via addMsg actions. Such exploitation can lead to denial of service situations or other unauthorized activities by simply guessing valid parameter values, thereby compromising the integrity and availability of the eyeOS platform.

References

http://osvdb.org/45836

vdb-entryx_refsource_OSVDB

http://securityreason.com/securityalert/3081

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/477866/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 31, 2007
Vulnerability Reserved
Aug 30, 2007

CVE-2007-4609 Data

JSON