CVE-2002-0134

critical

Description

Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a "dos" command.

References

http://www.securityfocus.com/bid/3901

http://www.iss.net/security_center/static/7915.php

http://marc.info/?l=bugtraq&m=101424723728817&w=2

http://marc.info/?l=bugtraq&m=101131669102843&w=2

Details

Source: Mitre, NVD

Published: 2002-03-25

Updated: 2024-11-20

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical