Vulnerabilities > CVE-2002-0736 - Unspecified vulnerability in Microsoft Backoffice 4.0/4.5

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

microsoft

NVD

Published: 2002-08-12

Updated: 2008-09-05

Summary

Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Backoffice 4.5 Microsoft Backoffice 4.0	2

References

http://support.microsoft.com/support/kb/articles/q316/8/38.asp
http://www.securityfocus.com/bid/4528
http://www.iss.net/security_center/static/8862.php
http://archives.neohapsis.com/archives/bugtraq/2002-04/0208.html