BID:30123

Neutrino Atomic Edition Authentication Bypass Vulnerability

Info

Neutrino Atomic Edition Authentication Bypass Vulnerability

Bugtraq ID:	30123
Class:	Access Validation Error
CVE:	CVE-2008-3150
Remote:	Yes
Local:	No
Published:	Jul 07 2008 12:00AM
Updated:	May 07 2015 05:27PM
Credit:	Ams
Vulnerable:	Neutrino Neutrino Atomic Edition 0.8.4

Not Vulnerable:

Discussion

Neutrino Atomic Edition Authentication Bypass Vulnerability

Neutrino Atomic Edition is prone to an authentication-bypass vulnerability.

An attacker can exploit this issue to gain unauthorized access to the application.

Neutrino Atomic Edition 0.8.4 is vulnerable; other versions may also be affected.

Exploit / POC

Neutrino Atomic Edition Authentication Bypass Vulnerability

Attackers can exploit this issue via a browser.

The following proof-of-concept script code is available:

/data/vulnerabilities/exploits/30123.pl

Solution / Fix

Neutrino Atomic Edition Authentication Bypass Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References

Neutrino Atomic Edition Authentication Bypass Vulnerability

References:

Neutrino Atomic Edition Project Page (Neutrino)