CVE-2002-0736
N/A
N/A
Summary
Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0208.html
- http://www.iss.net/security_center/static/8862.php
- http://support.microsoft.com/support/kb/articles/q316/8/38.asp
- http://www.securityfocus.com/bid/4528
References
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0208.html
- http://www.iss.net/security_center/static/8862.php
- http://support.microsoft.com/support/kb/articles/q316/8/38.asp
- http://www.securityfocus.com/bid/4528
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.