PublicDate: 2008-03-20 00:44:00 UTC
Candidate: CVE-2008-1393
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1393
Description:
 Plone CMS 3.0.5, and probably other 3.x versions, places a base64 encoded
 form of the username and password in the __ac cookie for the admin account,
 which makes it easier for remote attackers to obtain administrative
 privileges by sniffing the network.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 


Patches_zope-cmfplone:
upstream_zope-cmfplone: needs-triage
dapper_zope-cmfplone: ignored (reached end-of-life)
edgy_zope-cmfplone: needs-triage (reached end-of-life)
feisty_zope-cmfplone: needs-triage (reached end-of-life)
gutsy_zope-cmfplone: needs-triage (reached end-of-life)
hardy_zope-cmfplone: ignored (reached end-of-life)
intrepid_zope-cmfplone: needs-triage (reached end-of-life)
jaunty_zope-cmfplone: DNE
karmic_zope-cmfplone: DNE
lucid_zope-cmfplone: DNE
maverick_zope-cmfplone: DNE
natty_zope-cmfplone: DNE
oneiric_zope-cmfplone: DNE
devel_zope-cmfplone: DNE