Computer Security
[EN] securityvulns.ru no-pyccku


IDA Pro debugger unauthorized access
Published:24.03.2007
Source:
SecurityVulns ID:7461
Type:remote
Threat Level:
5/10
Description:Remote debugging request is executed regrdless of authentication state.
Affected:DATARESCUE : IDA Pro 5.1
CVE:CVE-2007-1666 (The processor_request function in the debugger server for DataRescue IDA Pro 5.0 and 5.1 does not verify that authentication has taken place before invoking the perform_request function, which allows remote attackers to perform unauthorized actions.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 03.23.07: DataRescue IDA Pro Remote Debugger Server Authentication Bypass Vulnerability (24.03.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod