Info

Disclosure

Jan 21, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

BRIBBLE contains a flaw that may allow a malicious user to gain unauthorized access. The issue is triggered when a valid username without the corresponding password is used to login into the webadmin interface. It is possible that the flaw may allow unauthorized access resulting in a loss of integrity.

Classification

Location: Remote/Network Access Required
Attack Type: Authentication Management
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Upgrade to version 1.5.35 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

SIGHTID	BRIBBLE	1.4 beta
		1.4RC2
		1.5.34

References

Secunia Advisory ID: 13976
ISS X-Force ID: 19049
Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=298725
Vendor URL: http://www.bribble.com/

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

SIGHTID

BRIBBLE

References

Credit