Описание
SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter.
SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-2254
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16076
- http://netwinsite.com/surgeldap/updates.htm
- http://secunia.com/advisories/11549
- http://securitytracker.com/alerts/2004/May/1010113.html
- http://securitytracker.com/id?1010068
- http://www.osvdb.org/5890
- http://www.securityfocus.com/bid/10294
EPSS
Процентиль: 94%
0.13174
Средний
CVE ID
Связанные уязвимости
nvd
около 21 года назад
SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter.
EPSS
Процентиль: 94%
0.13174
Средний