Vulnerabilities > CVE-2004-2563 - Remote Authentication Bypass vulnerability in Serena Software Serena Teamtrack 6.1.1
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Serena TeamTrack 6.1.1 allows remote attackers to obtain sensitive information such as user names, versions, and database information, and conduct cross-site scripting (XSS) attacks, via a direct request to tmtrack.dll with modified LoginPage and Template parameters.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Serena TeamTrack 6.1.1 Remote Authentication Bypass Vulnerability. CVE-2004-2563. Remote exploit for windows platform |
| id | EDB-ID:24297 |
| last seen | 2016-02-02 |
| modified | 2004-07-21 |
| published | 2004-07-21 |
| reporter | Noam Rathaus |
| source | https://www.exploit-db.com/download/24297/ |
| title | Serena TeamTrack 6.1.1 - Remote Authentication Bypass Vulnerability |
References
- http://secunia.com/advisories/12122
- http://www.osvdb.org/8182
- http://www.osvdb.org/8183
- http://www.osvdb.org/8185
- http://www.securiteam.com/windowsntfocus/5SP0O0ADGG.html
- http://www.securityfocus.com/bid/10770
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16771
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16777