{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-02-09T00:00:00", "descriptions": [{"lang": "en", "value": "Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20040209 Red-M Red-Alert Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/353211"}, {"name": "20040209 Red-M Red-Alert Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://marc.info/?l=full-disclosure&m=107635119005407&w=2"}, {"name": "3952", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/3952"}, {"name": "1009001", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1009001"}, {"name": "9618", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/9618"}, {"tags": ["x_refsource_MISC"], "url": "http://www.securiteam.com/securitynews/5SP0C0KC0A.html"}, {"name": "redalert-gain-access(15088)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15088"}, {"tags": ["x_refsource_MISC"], "url": "http://genhex.org/releases/031003.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-2079", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20040209 Red-M Red-Alert Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/353211"}, {"name": "20040209 Red-M Red-Alert Multiple Vulnerabilities", "refsource": "FULLDISC", "url": "http://marc.info/?l=full-disclosure&m=107635119005407&w=2"}, {"name": "3952", "refsource": "OSVDB", "url": "http://www.osvdb.org/3952"}, {"name": "1009001", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1009001"}, {"name": "9618", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9618"}, {"name": "http://www.securiteam.com/securitynews/5SP0C0KC0A.html", "refsource": "MISC", "url": "http://www.securiteam.com/securitynews/5SP0C0KC0A.html"}, {"name": "redalert-gain-access(15088)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15088"}, {"name": "http://genhex.org/releases/031003.txt", "refsource": "MISC", "url": "http://genhex.org/releases/031003.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:15:01.217Z"}, "title": "CVE Program Container", "references": [{"name": "20040209 Red-M Red-Alert Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/353211"}, {"name": "20040209 Red-M Red-Alert Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://marc.info/?l=full-disclosure&m=107635119005407&w=2"}, {"name": "3952", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/3952"}, {"name": "1009001", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1009001"}, {"name": "9618", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/9618"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.securiteam.com/securitynews/5SP0C0KC0A.html"}, {"name": "redalert-gain-access(15088)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15088"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://genhex.org/releases/031003.txt"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-2079", "datePublished": "2005-05-19T04:00:00", "dateReserved": "2005-05-19T00:00:00", "dateUpdated": "2024-08-08T01:15:01.217Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:red-m:red-alert:2.7.5_v3.1_build_24:*:*:*:*:*:*:*", "matchCriteriaId": "F44FF4B3-EB52-4315-8BFA-5ABA5668477F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user."}], "id": "CVE-2004-2079", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-02-09T05:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://genhex.org/releases/031003.txt"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=full-disclosure&m=107635119005407&w=2"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://securitytracker.com/id?1009001"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/3952"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.securiteam.com/securitynews/5SP0C0KC0A.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.securityfocus.com/archive/1/353211"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.securityfocus.com/bid/9618"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15088"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://genhex.org/releases/031003.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=full-disclosure&m=107635119005407&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://securitytracker.com/id?1009001"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/3952"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.securiteam.com/securitynews/5SP0C0KC0A.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.securityfocus.com/archive/1/353211"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.securityfocus.com/bid/9618"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15088"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}