Avast! Antivirus Server Edition Password Setting Security Bypass Vulnerability
BID:22425
Info
Avast! Antivirus Server Edition Password Setting Security Bypass Vulnerability
| Bugtraq ID: | 22425 |
| Class: | Access Validation Error |
| CVE: |
CVE-2007-0829 |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 06 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Avast Antivirus Server Edition 4.7.676 Avast Antivirus Server Edition 4.7.660 Avast Antivirus Server Edition 4.6.566 Avast Antivirus Server Edition 4.6.489 Avast Antivirus Server Edition 4.6.460 |
| Not Vulnerable: |
Avast Antivirus Server Edition 4.7.726 |
Discussion
Avast! Antivirus Server Edition Password Setting Security Bypass Vulnerability
Avast! Antivirus Server Edition is prone to a security-bypass vulnerability because of an access-validation error.
An attacker can exploit this issue to change certain settings in the affected application. This may aid in other attacks.
This issue affects version prior to 4.7.726.
Avast! Antivirus Server Edition is prone to a security-bypass vulnerability because of an access-validation error.
An attacker can exploit this issue to change certain settings in the affected application. This may aid in other attacks.
This issue affects version prior to 4.7.726.
Exploit / POC
Solution / Fix
Avast! Antivirus Server Edition Password Setting Security Bypass Vulnerability
Solution:
The vendor has released an update to address this issue. Please see the references for more information.
Solution:
The vendor has released an update to address this issue. Please see the references for more information.
References
Avast! Antivirus Server Edition Password Setting Security Bypass Vulnerability
References:
References:
- avast! Server Edition Revision History (avast!)
- avast! Server Homepage (avast! )