Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1024

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1024
Last Modified 05 Sep 2008 04:25:29
Published 27 Jul 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1024

Summary

login.gas.bat and other CGI scripts in Entrust getAccess allow remote attackers to execute Java programs, and possibly arbitrary commands, by specifying an alternate -classpath argument.

Vulnerable Systems

Application

  • Entrust Getaccess


References

XF - entrust-getaccess-execute-commands(6915)

BUGTRAQ - 20010727 Entrust - getAccess


Last Updated: 27 May 2016 10:36:29