CVE-2004-2612

Description

BNC 2.9.0 only grants access when an incorrect password is provided, which allows remote attackers to use the functionality intended for authorized users.

Affected products

• bnc / bnc2.9.0 – 2.9.0

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/13302
• MISChttp://www.securityfocus.com/bid/11650
• MISChttp://www.osvdb.org/12144
• MISChttp://www.gotbnc.com/changes.html#2.9.1
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/18103