Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2079

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-2079
Last Modified 10 Sep 2008 03:32:55
Published 09 Feb 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2079

Summary

Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user.

Vulnerable Systems


References

SECTRACK - 1009001

XF - redalert-gain-access(15088)

BID - 9618

BUGTRAQ - 20040209 Red-M Red-Alert Multiple Vulnerabilities

MISC - http://www.securiteam.com/securitynews/5SP0C0KC0A.html

MISC - http://genhex.org/releases/031003.txt

OSVDB - 3952


Last Updated: 27 May 2016 10:39:20