• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

AttachmateWRQ Reflection for Secure IT Windows Server Renamed Account Remote Login Vulnerability

AttachmateWRQ Reflection for Secure IT Windows Server is susceptible to a renamed account remote login vulnerability. This issue is due to a failure of the application to properly ensure that invalid accounts are not still accessible.

This vulnerability allows remote attackers to gain access to vulnerable computers, even if the targeted accounts are renamed in order to prevent further access.

It should be noted that remote attackers still require access to the private SSH key to exploit this vulnerability.