Interspire ActiveKB 1.5 and earlier allows remote attackers to gain privileges by setting the auth cookie to true when accessing unspecified scripts in /admin.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2338)