CVE-2005-2789

Description

BFCommand & Control Server Manager BFCC 1.22_A and earlier, and BFVCC 2.14_B and earlier, allows remote attackers to bypass authentication via (1) an unknown attack vector or (2) a NULL (0x00) as a username.

Affected products

• bfcommand_and_control_software / bfcc1.22_a
• bfcommand_and_control_software / bfvcc2.00_a – 2.00_a
• bfcommand_and_control_software / bfvcc2.14_b – 2.14_b

References

• MISChttp://www.securityfocus.com/bid/14690
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/22055
• MISChttp://aluigi.altervista.org/adv/bfccown-adv.txt
• VENDOR_ADVISORYhttp://secunia.com/advisories/16629/
• MAILING_LISThttp://marc.info/?l=bugtraq&m=112534155318828&w=2