NetSupport Manager Remote Authentication Bypass Vulnerability
BID:25761
Info
NetSupport Manager Remote Authentication Bypass Vulnerability
| Bugtraq ID: | 25761 |
| Class: | Access Validation Error |
| CVE: |
CVE-2007-5057 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 21 2007 12:00AM |
| Updated: | May 07 2015 05:35PM |
| Credit: | sxkeebler and r@b13s of Digital Defense discovered this issue. |
| Vulnerable: |
NetSupport NetSupport Manager 9.60 NetSupport NetSupport Manager 9.50 NetSupport NetSupport Manager 9.10 NetSupport NetSupport Manager 9.00 NetSupport NetSupport Manager 8.60 NetSupport NetSupport Manager 8.50 NetSupport NetSupport Manager 8.10 NetSupport NetSupport Manager 8.00 NetSupport NetSupport Manager 7.10 NetSupport NetSupport Manager 7.01 NetSupport NetSupport Manager 6.11 NetSupport NetSupport Manager 6.10 NetSupport NetSupport Manager 6.00 NetSupport NetSupport Manager 5.31 NetSupport NetSupport Manager 5.30 NetSupport NetSupport Manager 5.05 NetSupport NetSupport Manager 5.03 NetSupport NetSupport Manager 5.02f1 NetSupport NetSupport Manager 5.02 NetSupport NetSupport Manager 5.01 NetSupport NetSupport Manager 5.00 NetSupport NetSupport Manager 10.20 NetSupport NetSupport Manager 10.00 |
| Not Vulnerable: |
NetSupport NetSupport Manager 10.20.4 |
Discussion
NetSupport Manager Remote Authentication Bypass Vulnerability
NetSupport Manager is prone to an authentication-bypass vulnerability because the client application fails to properly require authentication when handling connections.
Attackers can exploit this issue to gain unauthorized access to computers running the affected application.
This issue affects versions prior to NetSupport Manager 10.20.0004 on Microsoft Windows platforms.
NetSupport Manager is prone to an authentication-bypass vulnerability because the client application fails to properly require authentication when handling connections.
Attackers can exploit this issue to gain unauthorized access to computers running the affected application.
This issue affects versions prior to NetSupport Manager 10.20.0004 on Microsoft Windows platforms.
Exploit / POC
NetSupport Manager Remote Authentication Bypass Vulnerability
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
NetSupport Manager Remote Authentication Bypass Vulnerability
Solution:
The vendor released an update to address this issue. Please see the references for more information.
Solution:
The vendor released an update to address this issue. Please see the references for more information.
References
NetSupport Manager Remote Authentication Bypass Vulnerability
References:
References:
- NetSupport Manager Homepage (NetSupport)
- NetSupport Manager Client Vulnerability (NetSupport)