CVE-2004-1878 Information

Description

LINBOX LIN:BOX allows remote attackers to bypass authentication obtain sensitive information or gain access via a direct request to admin/user.pl preceded by // (double leading slash).

Reference

http://marc.info/?l=bugtraq&m=108067245401673&w=2 http://secunia.com/advisories/11264 http://www.securityfocus.com/bid/10010 http://www.websec.org/adv/linbit.txt.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15677