• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Commerce Server 2002 Authentication Bypass Vulnerability

Microsoft Commerce Server 2002 is prone to an authentication-bypass vulnerability. This issue is due to a failure in the application to correctly authenticate users due to the possible existence of sample files.

An attacker can exploit this issue to bypass the authentication mechanism and gain access to the affected application as any pre-existing user.

Microsoft Commerce Server 2002 prior to Service Pack 2 are affected by this issue.