Keene Digital Media Server adminshares.kspx Adminsitrative Authentication Bypass

2004-09-02T08:05:26
ID OSVDB:9518
Type osvdb
Reporter Dr_insane(dr_insane@pathfinder.gr)
Modified 2004-09-02T08:05:26

Description

Vulnerability Description

Digital Media Server contains a flaw that may allow a remote attacker to gain access to unauthorized privileges. The issue is triggered when a remote attacker accesses the adminshares.kspx script directly. This flaw may lead to a loss of Confidentiality.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Digital Media Server contains a flaw that may allow a remote attacker to gain access to unauthorized privileges. The issue is triggered when a remote attacker accesses the adminshares.kspx script directly. This flaw may lead to a loss of Confidentiality.

References:

Vendor URL: http://www.keenesoftware.com/html/dms.html Security Tracker: 1011156 Secunia Advisory ID:12423 Related OSVDB ID: 9514 Related OSVDB ID: 9516 Related OSVDB ID: 9515 Related OSVDB ID: 9517