header-logo
Suggest Exploit
vendor:
BFCC and BFVCC server managers
by:
SecurityFocus
7.5
CVSS
HIGH
Login bypass, Design error, Remote denial of service
287, 20, 400
CWE
Product Name: BFCC and BFVCC server managers
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

BFCC and BFVCC server managers vulnerabilities

BFCC and BFVCC server managers are vulnerable to multiple remote vulnerabilities. The first two issues are login bypass vulnerabilities. These issues allow remote, anonymous attackers to gain access to the affected server process. The third issue is a design error whereby the server application implements access controls, privileges, and other commands in the client-side of the connection. This allows remote attackers to gain full administrative access to the affected application. The fourth issue is a remote denial of service vulnerability. This issue is due to a failure of the application to properly handle multiple connections. These vulnerabilities allow remote attackers to gain administrative access in the affected server application, and to deny further access to the application.

Mitigation:

Ensure that access controls, privileges, and other commands are implemented in the server-side of the connection. Ensure that the application is properly handling multiple connections.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/14690/info

BFCC and BFVCC server managers are vulnerable to multiple remote vulnerabilities.

The first two issues are login bypass vulnerabilities. These issues allow remote, anonymous attackers to gain access to the affected server process.

The third issue is a design error whereby the server application implements access controls, privileges, and other commands in the client-side of the connection. This allows remote attackers to gain full administrative access to the affected application.

The fourth issue is a remote denial of service vulnerability. This issue is due to a failure of the application to properly handle multiple connections.

These vulnerabilities allow remote attackers to gain administrative access in the affected server application, and to deny further access to the application. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/26210.zip

Navigation

Suggest Exploit

Services By CQR