Check or Attack Name: WinRouteConfig

The procedure used to authenticate users for access to the admin configuration menu on Winroute servers contains a flaw that allows users to bypass the authentication and gain direct access. This access could be used to change the configuration of the proxy from remote.

Contact Tiny Software for fix information.

BUGTRAQ Mailing List, Bug in Winroute 3.04g, http://www.netspace.org/cgi-bin/wa?A2=ind9904B&L=bugtraq&P=R1283

Tiny Software Inc., WinRoute, http://www.winroute.com/