Exploit EmuLive Server4 - Authentication Bypass / Denial of Service

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
24619
Проверка EDB
  1. Пройдено
Автор
GULFTECH SECURITY
Тип уязвимости
DOS
Платформа
CGI
CVE
cve-2004-1695
Дата публикации
2004-09-21
EmuLive Server4 - Authentication Bypass / Denial of Service
Код:
source: https://www.securityfocus.com/bid/11226/info

Reportedly EmuLive Server4 is affected by an authentication bypass vulnerability and a denial of service vulnerability. These issues are due to an access validation issue and a failure to handle exceptional conditions.

An attacker may leverage the authentication bypass issue to gain unauthorized access to the administrator scripts of the affected application, facilitating manipulation of various server settings. The denial of service issue may be exploited to cause the affected computer to freeze, denying service to legitimate users.

http://www.example.com//PUBLIC/ADMIN/INDEX.HTM

Note that the '//' after the 'http://www.example.com' is where a session ID would be presented, by providing no data between these slashes a NULL session ID is used to authenticate the attacker.
 
Источник
www.exploit-db.com

Похожие темы