Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0134

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0134
Last Modified 10 Sep 2008 08:00:34
Published 25 Mar 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0134

Summary

Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a "dos" command.

Vulnerable Systems

Application

  • Avirt Gateway Suite 4.2


References

XF - avirt-gateway-telnet-access(7915)

BUGTRAQ - 20020220 Avirt 4.2 question

BUGTRAQ - 20020117 Avirt Gateway Suite Remote SYSTEM Level Compromise

BID - 3901


Last Updated: 27 May 2016 10:36:48