Avotus CDR mm Arbitrary File Retrieval

high Nessus Plugin ID 11948

Language:

Synopsis

Arbitrary files may be read on the remote host.

Description

The script attempts to force the remote Avotus CDR mm service to include the file /etc/passwd accross the network.

Solution

The vendor has provided a fix for this issue to all customers. The fix will be included in future shipments and future versions of the product.
If an Avotus customer has any questions about this problem, they should contact [email protected].

Plugin Details

Severity: High

ID: 11948

File Name: avotus_mm.nasl

Version: 1.16

Type: remote

Family: Misc.

Published: 12/11/2003

Updated: 8/8/2018

Supported Sensors: Nessus

Vulnerability Information

Vulnerability Publication Date: 12/11/2003