SandSurfer Unspecified User Authentication Bypass

2004-02-08T05:00:14
ID OSVDB:3922
Type osvdb
Reporter OSVDB
Modified 2004-02-08T05:00:14

Description

Vulnerability Description

SandSurfer contains a flaw that may allow a malicious user to bypass authentication. The issue is triggered by unspecified conditions. It is possible that the flaw may allow unauthorized login resulting in a loss of confidentiality, integrity, and/or availability.

Solution Description

Upgrade to version 1.7.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

SandSurfer contains a flaw that may allow a malicious user to bypass authentication. The issue is triggered by unspecified conditions. It is possible that the flaw may allow unauthorized login resulting in a loss of confidentiality, integrity, and/or availability.

References:

Vendor URL: http://freshmeat.net/projects/sandsurfer/ Vendor URL: http://sandsurfer.sourceforge.net/ Vendor URL: http://sourceforge.net/project/showfiles.php?group_id=31456 Secunia Advisory ID:10829 CVE-2004-2087 Bugtraq ID: 9647