Authentication flaw

2008-03-1314:44:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

High

0.048 Low

EPSS

Percentile

92.7%

JSON

The FxIAList service in ASG-Sentry Network Manager 7.0.0 and earlier does require authentication, which allows remote attackers to cause a denial of service (service termination) via the exit command to TCP port 6162, or have other impacts via other commands.

CPENameOperatorVersion
asg-sentryle7.0.0

CPE	Name	Operator	Version
	asg-sentry	le	7.0.0

References

aluigi.altervista.org/adv/asgulo-adv.txt

secunia.com/advisories/29289

securityreason.com/securityalert/3737

www.securityfocus.com/archive/1/489359/100/0/threaded

www.securityfocus.com/bid/28188

www.vupen.com/english/advisories/2008/0839/references

exchange.xforce.ibmcloud.com/vulnerabilities/41084

www.exploit-db.com/exploits/5229