MidnightBSD

Advisories for bfcommand_and_control_software

CVE-2005-2789 HIGH

BFCommand & Control Server Manager BFCC 1.22_A and earlier, and BFVCC 2.14_B and earlier, allows remote attackers to bypass authentication via (1) an unknown attack vector or (2) a NULL (0x00) as a username.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bfcommand_and_control_software bfvcc 2.00_a
bfcommand_and_control_software bfvcc 2.14_b
bfcommand_and_control_software bfcc *
CVE-2005-2790 HIGH

BFCommand & Control Server Manager BFCC 1.22_A and earlier, and BFVCC 2.14_B and earlier, relies on the client to enforce permissions and perform actions such as disconnections, which allows remote attackers to bypass administrative restrictions via a modified client.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bfcommand_and_control_software bfvcc 2.00_a
bfcommand_and_control_software bfvcc 2.14_b
bfcommand_and_control_software bfcc *
CVE-2005-2791 MEDIUM

BFCommand & Control Server Manager BFCC 1.22_A and earlier, and BFVCC 2.14_B and earlier, allows remote attackers to cause a denial of service (refused new connections) via a series of connections and disconnections without sending the login command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bfcommand_and_control_software bfvcc 2.00_a
bfcommand_and_control_software bfvcc 2.14_b
bfcommand_and_control_software bfcc *