BNC : Security Vulnerabilities, CVEs, Published In 2004
BNC 2.9.0 only grants access when an incorrect password is provided, which allows remote attackers to use the functionality intended for authorized users.
Max CVSS
7.5
EPSS Score
1.57%
Published
2004-12-31
Updated
2017-07-20
The sbuf_getmsg function in BNC incorrectly handles backspace characters, which could allow remote attackers to bypass authentication and gain access to arbitrary scripts.
Max CVSS
7.5
EPSS Score
0.64%
Published
2004-12-31
Updated
2017-07-11
2 vulnerabilities found