Avotus CDR mm Arbitrary File Retrieval

(C) 2003-2016 Anonymous

Synopsis :

Arbitrary files may be read on the remote host.

Description :

The script attempts to force the remote Avotus CDR mm service to include
the file /etc/passwd accross the network.

Solution :

The vendor has provided a fix for this issue to all customers.
The fix will be included in future shipments and future versions of the
If an Avotus customer has any questions about this problem, they should
contact [email protected]

Risk factor :


Family: Misc.

Nessus Plugin ID: 11948 (avotus_mm.nasl)

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now