Summary
The management interface used with the Interscan VirusWall uses several cgi programs that may allow a malicious user to remotely change the configuration of the server without any authorization using maliciously constructed querystrings.
Solution
don't connect the management interface directly to the Internet
Severity
Classification
-
CVE CVE-2001-0432 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Admin Bot 'news.php' SQL Injection Vulnerability
- Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
- 'research_display.php' SQL Injection Vulnerability
- Adiscon LogAnalyzer Multiple SQL Injection and XSS Vulnerabilities
- aflog Cookie-Based Authentication Bypass Vulnerability