Recent Auth Bypass vulnerabilities
Latest information about Authentication Bypass vulnerabilities
22.02.2012 09:39 D-Link DSL-2640B Authentication Bypass
22.02.2012 09:39 D-Link DSL-2640B (ADSL Router) Authentication Bypass
22.02.2012 07:39 lv3 EasyVista SSO Authentication Bypass Vulnerability
22.02.2012 07:39 [3/5] EasyVista SSO Authentication Bypass Vulnerability
22.02.2012 06:37 [webapps] - D-Link DSL-2640B Authentication Bypass
22.02.2012 05:42 exploit-db E: [webapps] - D-Link DSL-2640B Authentication Bypass
21.02.2012 08:32 VU#273502: EasyVista single sign-on authentication bypass vulnerability
16.02.2012 03:58 cb: MS11-100 - Forms Auth. Bypass - Revenge of the 0x00 -
13.02.2012 23:07 Microsoft Forms Authentication Bypass: Microsoft Forms suffers from a nu...
13.02.2012 14:45 Microsoft Forms Authentication Bypass: Microsoft Forms suffers from a nu...
13.02.2012 14:45 DDI Labs-> SolarWinds Storage Manager Server SQL Injection Authentication Bypass - Update!
13.02.2012 10:50 Microsoft IIS 5.0 WebDAV Authentication Bypass Vulnerability
13.02.2012 10:43 D-Link ShareCenter Remote Code Execution: This advisory expands on a previously known authentication bypass issu...
13.02.2012 10:21 DDI Labs-> SolarWinds Storage Manager Server SQL Injection Authentication Bypass - Update!
13.02.2012 02:15 Microsoft IIS 5.0 WebDAV Authentication Bypass Vulnerability
12.02.2012 19:19 D-Link ShareCenter Remote Code Execution: This advisory expands on a previously known authentication bypass issu...
12.02.2012 18:53 Microsoft ISA Server Radius OTP Authentication Bypass Vulnerability
12.02.2012 10:50 Microsoft ISA Server Radius OTP Authentication Bypass Vulnerability
12.02.2012 04:39 [remote] - IBM Lotus Domino Server Controller Authentication Bypass Vulnerability - [CVE: 2011-1519]
11.02.2012 23:49 [remote] - IBM Lotus Domino Server Controller Authentication Bypass Vulnerability - [CVE: 2011-1519]
Authentication Bypass vulnerabilities Archive 2011
Here is a short summary of recent Auth Bypass vulnerabilities discovered by the eVuln team. The full list with details is available on the eVuln Security Advisories page.
Authentication Bypass by SQL Injection in Social Share.
Description.
Vulnerable script: functions.php
The username parameter is not properly sanitized before being used in a SQL query. Arbitrary SQL code can be injected through it to run any query and to log in without a password.
Condition: magic_quotes: off
Exploit.
Username: anytext' or verified=1#
Password: arbitrary_text
Solution
Solution is not available.
Cookie authentication bypass in Alguest.
Description.
The admin.php, opzioni.php, elimina.php and modifica.php scripts lack proper cookie-based authentication. This exposes the administration functions.
Exploit.
There is no real password comparison for the admin user. The administration scripts check only for the existence of the admin cookie.
Cookie: admin=anyvalue
Solution
Solution is not available.
SQL injection Auth Bypass in Easy Banner Free.
Description.
The vulnerability exists in the member.php script. The user-defined parameters username and password are not properly sanitized against SQL injection. This can be used to bypass authentication or to execute arbitrary SQL queries.
Exploit.
Authentication bypass in member.php is possible using one of the following SQL injections:
username: ' or 1#
password: ' or 'a'='a
Condition: magic_quotes_gpc = off
Solution
Solution is not available.
Cookie Auth Bypass in Hot Links SQL.
Description.
A cookie Auth Bypass vulnerability was found in Hot Links SQL 3. It is possible to get access to the admin panel without any password comparison.
Exploit.
There is no password comparison during the authentication process. The script checks only the admin cookie: if its value is "logged in", the user is authenticated as Admin.
Cookie: admin=logged in
Solution
Solution is not available.
Authentication Bypass and SQL Injection in MD News.
Description.
Vulnerable script: admin.php
The id parameter is not properly sanitized before being used in a SQL query. Arbitrary SQL code can be injected through it to run any query.
The "Administration Area" script has no authentication at all. Any user who knows the script name can access the administrator's area.
Exploit.
SQL Injection Example:
http://[host]/admin.php?action=full&id=-1 union select 1,2,3,4,5
Solution
Solution is not available.

