BID:22873

Dynaliens Validlien.PHP3 Remote Authentication Bypass Vulnerability

Info

Dynaliens Validlien.PHP3 Remote Authentication Bypass Vulnerability

Bugtraq ID:	22873
Class:	Access Validation Error
CVE:	CVE-2007-1389
Remote:	Yes
Local:	No
Published:	Mar 08 2007 12:00AM
Updated:	May 12 2015 07:33PM
Credit:	sn0oPy discovered this vulnerability.
Vulnerable:	dynaliens dynaliens 2.1 dynaliens dynaliens 2.0

Not Vulnerable:

Discussion

Dynaliens Validlien.PHP3 Remote Authentication Bypass Vulnerability

The 'dynaliens' program is prone to a vulnerability that allows remote attackers to bypass authentication.

Successfully exploiting this issue allows remote attackers to gain remote administrative access to the vulnerable application.

Exploit / POC

Dynaliens Validlien.PHP3 Remote Authentication Bypass Vulnerability

Attackers can use a browser to exploit this issue.

Solution / Fix

Dynaliens Validlien.PHP3 Remote Authentication Bypass Vulnerability

Solution:
EMC has released patches to address this issue. Please see the references for more information.

References

Dynaliens Validlien.PHP3 Remote Authentication Bypass Vulnerability

References:

dynaliens Web Site (dynaliens)
dynaliens v2.0/v2.1 bypass admin authentification + XSS ([email protected])