source: http://www.securityfocus.com/bid/11226/info Reportedly EmuLive Server4 is affected by an authentication bypass vulnerability and a denial of service vulnerability. These issues are due to an access validation issue and a failure to handle exceptional conditions. An attacker may leverage the authentication bypass issue to gain unauthorized access to the administrator scripts of the affected application, facilitating manipulation of various server settings. The denial of service issue may be exploited to cause the affected computer to freeze, denying service to legitimate users. http://www.example.com//PUBLIC/ADMIN/INDEX.HTM Note that the '//' after the 'http://www.example.com' is where a session ID would be presented, by providing no data between these slashes a NULL session ID is used to authenticate the attacker.
Related ExploitsTrying to match CVEs (1): CVE-2004-1695
Trying to match OSVDBs (1): 10176
Other Possible E-DB Search Terms: EmuLive Server4
|2004-09-21||Emulive Server4 Build 7560 - Remote Denial of Service||GulfTech Se...|