SecuritySpace - CVE-2009-4657

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2009-4657

Description: The administrator package for Xerver 4.32 does not require authentication, which allows remote attackers to alter application settings by connecting to the application on port 32123, as demonstrated by setting the action option to wizardStep1.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-4657
BugTraq ID: 36454
http://www.securityfocus.com/bid/36454
http://www.exploit-db.com/exploits/9717

CVE ID:	CVE-2009-4657
Description:	The administrator package for Xerver 4.32 does not require authentication, which allows remote attackers to alter application settings by connecting to the application on port 32123, as demonstrated by setting the action option to wizardStep1.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4657 BugTraq ID: 36454 http://www.securityfocus.com/bid/36454 http://www.exploit-db.com/exploits/9717