Back to search
CVE-2013-6766
Published: May 19, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
OpenVAS Administrator 1.2 before 1.2.2 and 1.3 before 1.3.2 allows remote attackers to bypass the OAP authentication restrictions and execute OAP commands via a crafted OAP request for version information, which causes the state to be set to CLIENT_AUTHENTIC.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[Openvas-announce] 20131108 Security Releases for OpenVAS-5 and OpenVAS-6
mailing-list
x_refsource_MLIST
[oss-security] 20131110 CVE-2013-6765 CVE-2013-6766 for OpenVAS 4.0.4/1.3.2/etc.
mailing-list
x_refsource_MLIST
http://www.openvas.org/OVSA20131108.html
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now