Rational Software Hidden Administrator Unspecified Authentication Bypass Vulnerability

Bugtraq ID:	24049
Class:	Access Validation Error
CVE:	CVE-2007-2783
Remote:	Yes
Local:	No
Published:	May 18 2007 12:00AM
Updated:	May 07 2015 05:39PM
Credit:	Muhammad Ahmed Siddiqui is credited with the discovery of this issue.
Vulnerable:	Rational Software Hidden Administrator 1.7
Not Vulnerable:

Rational Software Hidden Administrator Unspecified Authentication Bypass Vulnerability

Hidden Administrator is prone to an unspecified authentication-bypass vulnerability.

Attackers can exploit this issue to execute arbitrary code on affected computers with the privileges of the application.

Hidden Administrator 1.7 is vulnerable; other versions may also be affected.

Rational Software Hidden Administrator Unspecified Authentication Bypass Vulnerability

The following exploit is available:

• /data/vulnerabilities/exploits/24049.py

Rational Software Hidden Administrator Unspecified Authentication Bypass Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Rational Software Hidden Administrator Unspecified Authentication Bypass Vulnerability

References:

• Hidden Administrator Homepage (Rational Software)
  
• Authentication Bypass in Rational Soft's Hidden Administrator (Muhammad Ahmed Siddiqui)