CVE-2005-2789

Опубликовано: 02 сент. 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

BFCommand & Control Server Manager BFCC 1.22_A and earlier, and BFVCC 2.14_B and earlier, allows remote attackers to bypass authentication via (1) an unknown attack vector or (2) a NULL (0x00) as a username.

Ссылки

http://aluigi.altervista.org/adv/bfccown-adv.txt
Exploit
Vendor Advisory
http://marc.info/?l=bugtraq&m=112534155318828&w=2
http://secunia.com/advisories/16629/
Vendor Advisory
http://www.securityfocus.com/bid/14690
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/22055
http://aluigi.altervista.org/adv/bfccown-adv.txt
Exploit
Vendor Advisory
http://marc.info/?l=bugtraq&m=112534155318828&w=2
http://secunia.com/advisories/16629/
Vendor Advisory
http://www.securityfocus.com/bid/14690
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/22055

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bfcommand_and_control_software:bfcc:*:*:*:*:*:*:*:*

Версия до 1.22_a (включая)

cpe:2.3:a:bfcommand_and_control_software:bfvcc:2.00_a:*:*:*:*:*:*:*

cpe:2.3:a:bfcommand_and_control_software:bfvcc:2.14_b:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.00994

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-pc9r-xwmf-jxwf

github

почти 4 года назад