Iomega StorCenter Pro Session Identifier Prediction Weakness
Date:
2009
Description:
The Iomega StorCenter Pro Network Attached Storage device web interface increments sessions IDs,
allowing for simple brute force attacks to bypass authentication and gain administrative
access.
Exploit:
https://www.rapid7.com/db/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid
Credit:
Patrick Webster
2009
Description:
The Iomega StorCenter Pro Network Attached Storage device web interface increments sessions IDs,
allowing for simple brute force attacks to bypass authentication and gain administrative
access.
Exploit:
https://www.rapid7.com/db/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid
Credit:
Patrick Webster