BugTraq
Back to list
|
Post reply
Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes
Aug 31 2004 08:38PM
Jérôme ATHIAS (jerome athias caramail com)
Date: Tue, 31 Aug 2004 00:38:05 -0400
Subject: http://www.blackboxvoting.org/?q=node/view/78
BlackBoxVoting.org reported a vulnerability in the Diebold GEMS central tabulator.
A local authenticated user can enter a two-digit code in a certain "hidden" location
to cause a second set of votes to be created on the system. This second set of votes
can be modified by the local user and then read by the voting system as legitimate
votes, the report said.
GEMS 1.18.18, GEMS 1.18.19, and GEMS 1.18.23 are affected.
The vendor was reportedly notified on July 8, 2003.
Solution: No vendor solution was available at the time of this entry.
Vendor URL: www.diebold.com/dieboldes/GEMS.htm (Links to External Site)
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Date: Tue, 31 Aug 2004 00:38:05 -0400
Subject: http://www.blackboxvoting.org/?q=node/view/78
BlackBoxVoting.org reported a vulnerability in the Diebold GEMS central tabulator.
A local authenticated user can enter a two-digit code in a certain "hidden" location
to cause a second set of votes to be created on the system. This second set of votes
can be modified by the local user and then read by the voting system as legitimate
votes, the report said.
GEMS 1.18.18, GEMS 1.18.19, and GEMS 1.18.23 are affected.
The vendor was reportedly notified on July 8, 2003.
Solution: No vendor solution was available at the time of this entry.
Vendor URL: www.diebold.com/dieboldes/GEMS.htm (Links to External Site)
[ reply ]