NuytsTech Security

CVE-2006-1257

by ·

The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remote attackers to bypass authentication by logging in to authfiles/login.asp with a valid username and any password, then going to the main site twice.

Date published : 2006-03-18

http://www.securityfocus.com/bid/17134

http://www.securityfocus.com/archive/1/427974/100/0/threaded

Tags: