CVE-2008-5158

Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to bypass authentication and perform administrative actions via vectors involving "simply skipping the auth stage."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
clientsoftwarewincome_mpd_total
𝑥
≤ 3.0.2.623
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://aluigi.org/adv/wincomalpd-adv.txt
http://aluigi.org/poc/wincomalpd.zip
http://secunia.com/advisories/28763
http://securityreason.com/securityalert/4610
http://www.securityfocus.com/archive/1/487507/100/200/threaded
http://www.securityfocus.com/bid/27614
http://www.vupen.com/english/advisories/2008/0410
http://aluigi.org/adv/wincomalpd-adv.txt
http://aluigi.org/poc/wincomalpd.zip
http://secunia.com/advisories/28763
http://securityreason.com/securityalert/4610
http://www.securityfocus.com/archive/1/487507/100/200/threaded
http://www.securityfocus.com/bid/27614
http://www.vupen.com/english/advisories/2008/0410