Unauthenticated Remote File Listing and Command Execution in Avirt Gateway Suite 4.2

Unauthenticated Remote File Listing and Command Execution in Avirt Gateway Suite 4.2

CVE-2002-0134 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a "dos" command.

Learn more about our Web Application Penetration Testing UK.