vendor:
Astaro Security Linux
by:
SecurityFocus
2.6
CVSS
LOW
Bypass Access Controls
287
CWE
Product Name: Astaro Security Linux
Affected Version From: 6.001
Affected Version To: 6.001
Patch Exists: NO
Related CWE: N/A
CPE: a:astaro:astaro_security_linux:6.001
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005
Astaro Security Linux Weakness
Astaro Security Linux is prone to a weakness that may allow remote attackers to connect to arbitrary ports on a vulnerable computer. This weakness may be combined with other attacks to exploit latent vulnerabilities. An attacker can bypass access controls implemented by the application through this attack. To exploit this vulnerability, an attacker can connect to TCP port 8080 and enter the command CONNECT localhost:80 HTTP/1.0
Mitigation:
Ensure that access controls are properly implemented and enforced.