CVE-2006-1257

Published: Mar 19, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remote attackers to bypass authentication by logging in to authfiles/login.asp with a valid username and any password, then going to the main site twice.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

mscs-authfiles-authentication-bypass(25330)

vdb-entry

x_refsource_XF

594

third-party-advisory

x_refsource_SREASON

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/csvr2002/htm/cs_se_securityconcepts_cbgw.asp

x_refsource_CONFIRM

24121

vdb-entry

x_refsource_OSVDB

17134

vdb-entry

x_refsource_BID

20060316 Microsoft Commerce Server 2002: Logon as known user with a false password

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2006-1257

Description

Affected Products

References