[2/5] h2desk Support System Security Bypass
March 3rd, 2008 by 
[2/5] h2desk Support System Security Bypass
:joseph.giron13 has reported a security issue in h2desk Support System, which can be exploited by malicious users to bypass certain security restrictions.The security issue is caused due to an error in the authentication process and can be exploited to access e.g. the "database export" functionality and download a copy of the database.Successful exploitation requires valid user credentials.Solution:Grant only trusted users access to the application.Provided and/or discovered by:joseph.giron13
Original post by Pankaj
[2/5] h2desk Support System Security Bypass
Related Articles:
[2/5] Novell BorderManager Unicode Encoding Detection Bypass [2/5] Novell Access Manager HTTP Unicode Encoding Detection Bypass [3/5] IBM AIX Multiple Unspecified Vulnerabilities [1/5] IBM OS/400 TCP Packet Processing Security Bypass Issue [4/5] SUSE update for IBM Java
Posted in Advisories - Exploits | 
| [2/5] h2desk Support System Security Bypass