2 matches found
CVE-2004-2254
SurgeLDAP 1.0g (Build 12), and possibly earlier 1.0h, contains an authentication bypass vulnerability in the administration interface. The issue allows remote attackers to bypass login by sending a direct request to admin.cgi with a modified utoken parameter. The affected product/version informat...
CVE-2004-2254
SurgeLDAP 1.0g Build 12, and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter...