{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-01-17T00:00:00", "descriptions": [{"lang": "en", "value": "Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a \"dos\" command."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "3901", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/3901"}, {"name": "20020117 Avirt Gateway Suite Remote SYSTEM Level Compromise", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=101131669102843&w=2"}, {"name": "avirt-gateway-telnet-access(7915)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/7915.php"}, {"name": "20020220 Avirt 4.2 question", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=101424723728817&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0134", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a \"dos\" command."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "3901", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3901"}, {"name": "20020117 Avirt Gateway Suite Remote SYSTEM Level Compromise", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=101131669102843&w=2"}, {"name": "avirt-gateway-telnet-access(7915)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7915.php"}, {"name": "20020220 Avirt 4.2 question", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=101424723728817&w=2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:42:27.691Z"}, "title": "CVE Program Container", "references": [{"name": "3901", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/3901"}, {"name": "20020117 Avirt Gateway Suite Remote SYSTEM Level Compromise", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=101131669102843&w=2"}, {"name": "avirt-gateway-telnet-access(7915)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "http://www.iss.net/security_center/static/7915.php"}, {"name": "20020220 Avirt 4.2 question", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=101424723728817&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0134", "datePublished": "2002-03-15T05:00:00", "dateReserved": "2002-03-15T00:00:00", "dateUpdated": "2024-08-08T02:42:27.691Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avirt:avirt_gateway_suite:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "E44ECB72-BA5B-4BB4-86C7-2FF9F285229B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a \"dos\" command."}, {"lang": "es", "value": "El proxy Telet en Avirt Gateway Suite 4.2 no requiere autentificaci\u00f3n para conectarse al propio proxy, de modo que permite a atacantes remotos listar los ficheros del proxy y ejecutar comandos arbitrariamente mediante comandos de \"dos\"."}], "id": "CVE-2002-0134", "lastModified": "2016-10-18T02:16:27.237", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-03-25T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=101131669102843&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=101424723728817&w=2"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.iss.net/security_center/static/7915.php"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3901"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}