CVE-2007-4373 - Vulnerability Details - OpenCVE

The server in Babo Violent 2 2.08.00 and earlier does not properly implement password protection, which might allow remote attackers to bypass authentication by reconnecting after a connection closes.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Rndlabs	Babo Violent

Configuration 1 [-]

cpe:2.3:a:rndlabs:babo_violent:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://aluigi.altervista.org/adv/bv2x-adv.txt
http://securityreason.com/securityalert/3024
http://www.securityfocus.com/archive/1/476520/100/0/threaded

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-08-16T18:00:00

Updated: 2024-08-07T14:53:55.457Z

Reserved: 2007-08-16T00:00:00

Link: CVE-2007-4373

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-08-16T18:17:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-4373

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-08-14T00:00:00", "descriptions": [{"lang": "en", "value": "The server in Babo Violent 2 2.08.00 and earlier does not properly implement password protection, which might allow remote attackers to bypass authentication by reconnecting after a connection closes."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "3024", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3024"}, {"name": "20070814 Multiple vulnerabilities in Babo Violent 2 2.08.00", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/476520/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://aluigi.altervista.org/adv/bv2x-adv.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2007-4373", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The server in Babo Violent 2 2.08.00 and earlier does not properly implement password protection, which might allow remote attackers to bypass authentication by reconnecting after a connection closes."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "3024", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3024"}, {"name": "20070814 Multiple vulnerabilities in Babo Violent 2 2.08.00", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/476520/100/0/threaded"}, {"name": "http://aluigi.altervista.org/adv/bv2x-adv.txt", "refsource": "MISC", "url": "http://aluigi.altervista.org/adv/bv2x-adv.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:53:55.457Z"}, "title": "CVE Program Container", "references": [{"name": "3024", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/3024"}, {"name": "20070814 Multiple vulnerabilities in Babo Violent 2 2.08.00", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/476520/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aluigi.altervista.org/adv/bv2x-adv.txt"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4373", "datePublished": "2007-08-16T18:00:00", "dateReserved": "2007-08-16T00:00:00", "dateUpdated": "2024-08-07T14:53:55.457Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rndlabs:babo_violent:*:*:*:*:*:*:*:*", "matchCriteriaId": "265F9C23-9406-4C64-AE21-DDA04F5D73DF", "versionEndIncluding": "2.2.08.00", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The server in Babo Violent 2 2.08.00 and earlier does not properly implement password protection, which might allow remote attackers to bypass authentication by reconnecting after a connection closes."}, {"lang": "es", "value": "El servidor en Babo Violent 2 2.08.00 y anteriores no implementa adecuadamente la protecci\u00f3n de contrase\u00f1as, lo cual podr\u00eda permitir a atacantes remotos evitar la autenticaci\u00f3n reconectando tras un cierre de conexi\u00f3n."}], "id": "CVE-2007-4373", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-08-16T18:17:00.000", "references": [{"source": "[email protected]", "url": "http://aluigi.altervista.org/adv/bv2x-adv.txt"}, {"source": "[email protected]", "url": "http://securityreason.com/securityalert/3024"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/archive/1/476520/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://aluigi.altervista.org/adv/bv2x-adv.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/3024"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/476520/100/0/threaded"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "[email protected]", "type": "Primary"}]}