CVE-2005-2790

Description

BFCommand & Control Server Manager BFCC 1.22_A and earlier, and BFVCC 2.14_B and earlier, relies on the client to enforce permissions and perform actions such as disconnections, which allows remote attackers to bypass administrative restrictions via a modified client.

Affected products

• bfcommand_and_control_software / bfcc1.22_a
• bfcommand_and_control_software / bfvcc2.00_a – 2.00_a
• bfcommand_and_control_software / bfvcc2.14_b – 2.14_b

References

• MISChttp://www.securityfocus.com/bid/14690
• MISChttp://aluigi.altervista.org/adv/bfccown-adv.txt
• VENDOR_ADVISORYhttp://secunia.com/advisories/16629/
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/22057
• MAILING_LISThttp://marc.info/?l=bugtraq&m=112534155318828&w=2