Authentication Bypass in GeoHttpServer by GeoVision
CVE-2004-2100

Currently unrated

Key Information:

Vendor: Geovision
Status: Geohttpserver
Vendor: CVE Published:; 31 December 2004

What is CVE-2004-2100?

GeoHttpServer, when configured for user authentication, is susceptible to an authentication bypass vulnerability. Attackers can exploit this flaw by crafting a URL containing encoded newlines (%0a%0a), which allows them to access unauthorized files without proper authentication. This vulnerability poses significant risks, enabling potential misuse of sensitive information on the server if not properly mitigated.

References

http://marc.info/?l=bugtraq&m=107480261825214&w=2

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
May 27, 2005
Vulnerability published
Dec 31, 2004

Geovision

What is CVE-2004-2100?

References

Timeline