CVE-2004-2079 Information

Description

Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user.

Reference

http://genhex.org/releases/031003.txt http://marc.info/?l=full-disclosure&m=107635119005407&w=2 http://securitytracker.com/id?1009001 http://www.osvdb.org/3952 http://www.securiteam.com/securitynews/5SP0C0KC0A.html http://www.securityfocus.com/archive/1/353211 http://www.securityfocus.com/bid/9618 https://exchange.xforce.ibmcloud.com/vulnerabilities/15088