Avotus CDR mm Arbitrary File Retrieval

(C) 2003-2016 Anonymous


Synopsis :

Arbitrary files may be read on the remote host.

Description :

The script attempts to force the remote Avotus CDR mm service to include
the file /etc/passwd accross the network.

Solution :

The vendor has provided a fix for this issue to all customers.
The fix will be included in future shipments and future versions of the
product.
If an Avotus customer has any questions about this problem, they should
contact support@avotus.com.

Risk factor :

High

Family: Misc.

Nessus Plugin ID: 11948 (avotus_mm.nasl)

Bugtraq ID:

CVE ID:

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial