bfcommand & control server 1.22/2.0/2.14 manager Multiple Vulnerabilities

2005-08-29T00:00:00
ID EDB-ID:26210
Type exploitdb
Reporter Luigi Auriemma
Modified 2005-08-29T00:00:00

Description

BFCommand & Control Server 1.22/2.0/2.14 Manager Multiple Remote Vulnerabilities. CVE-2005-2791 . Remote exploits for multiple platform

                                        
                                            source: http://www.securityfocus.com/bid/14690/info

BFCC and BFVCC server managers are vulnerable to multiple remote vulnerabilities.

The first two issues are login bypass vulnerabilities. These issues allow remote, anonymous attackers to gain access to the affected server process.

The third issue is a design error whereby the server application implements access controls, privileges, and other commands in the client-side of the connection. This allows remote attackers to gain full administrative access to the affected application.

The fourth issue is a remote denial of service vulnerability. This issue is due to a failure of the application to properly handle multiple connections.

These vulnerabilities allow remote attackers to gain administrative access in the affected server application, and to deny further access to the application. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/26210.zip