DataRescue IDA Pro Processor_Request Authentication Bypass Vulnerability
BID:23114
Info
DataRescue IDA Pro Processor_Request Authentication Bypass Vulnerability
| Bugtraq ID: | 23114 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 23 2007 12:00AM |
| Updated: | Mar 23 2007 09:13PM |
| Credit: | enhalos is credited with the discovery of this issue. |
| Vulnerable: |
DataRescue IDA Pro 5.1 DataRescue IDA Pro 5.0 DataRescue IDA Pro 4.8 |
| Not Vulnerable: | |
Discussion
DataRescue IDA Pro Processor_Request Authentication Bypass Vulnerability
DataRescue IDA Pro is prone to an authentication-bypass vulnerability because it fails to adequately authorize users before granting them access to specific functions.
An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application.
Versions 4.8 through 5.1 are vulnerable.
DataRescue IDA Pro is prone to an authentication-bypass vulnerability because it fails to adequately authorize users before granting them access to specific functions.
An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application.
Versions 4.8 through 5.1 are vulnerable.
Exploit / POC
DataRescue IDA Pro Processor_Request Authentication Bypass Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
DataRescue IDA Pro Processor_Request Authentication Bypass Vulnerability
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
DataRescue IDA Pro 5.0
DataRescue IDA Pro 5.1
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
DataRescue IDA Pro 5.0
-
DataRescue ida_remdeb_fix_22032007.zip
http://www.datarescue.com/freefiles/ida_remdeb_fix_22032007.zip
DataRescue IDA Pro 5.1
-
DataRescue ida_remdeb_fix_22032007.zip
http://www.datarescue.com/freefiles/ida_remdeb_fix_22032007.zip
References
DataRescue IDA Pro Processor_Request Authentication Bypass Vulnerability
References:
References:
- DataRescue IDA Pro Remote Debugger Server Authentication Bypass Vulnerability (iDefense Labs)
- IDA Product Page (Hex-Rays)
- DataRescue IDA Pro Remote Debugger Server Authentication Bypass Vulnerability (iDefense Labs)