header-logo
Suggest Exploit
vendor:
Astaro Security Linux
by:
SecurityFocus
2.6
CVSS
LOW
Bypass Access Controls
287
CWE
Product Name: Astaro Security Linux
Affected Version From: 6.001
Affected Version To: 6.001
Patch Exists: NO
Related CWE: N/A
CPE: a:astaro:astaro_security_linux:6.001
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

Astaro Security Linux Weakness

Astaro Security Linux is prone to a weakness that may allow remote attackers to connect to arbitrary ports on a vulnerable computer. This weakness may be combined with other attacks to exploit latent vulnerabilities. An attacker can bypass access controls implemented by the application through this attack. To exploit this vulnerability, an attacker can connect to TCP port 8080 and enter the command CONNECT localhost:80 HTTP/1.0

Mitigation:

Ensure that access controls are properly implemented and enforced.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/14665/info

Astaro Security Linux is prone to a weakness that may allow remote attackers to connect to arbitrary ports on a vulnerable computer.

This weakness may be combined with other attacks to exploit latent vulnerabilities. An attacker can bypass access controls implemented by the application through this attack.

Astaro Security Linux 6.001 is prone to this weakness. 

Connect to TCP port 8080 and enter the following command:

CONNECT localhost:80 HTTP/1.0