Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2612

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-2612
Last Modified 05 Sep 2008 04:44:37
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2612

Summary

BNC 2.9.0 only grants access when an incorrect password is provided, which allows remote attackers to use the functionality intended for authorized users.

Vulnerable Systems

Application

  • Bnc 2.9.0


References

XF - bnc-invalid-password-auth-bypass(18103)

BID - 11650

OSVDB - 12144

SECUNIA - 13302

CONFIRM - http://www.gotbnc.com/changes.html#2.9.1


Last Updated: 27 May 2016 10:39:33