nvd-json-data-feeds/CVE-2002/CVE-2002-01xx/CVE-2002-0134.json

{
  "id": "CVE-2002-0134",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2002-03-25T05:00:00.000",
  "lastModified": "2016-10-18T02:16:27.237",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a \"dos\" command."
    },
    {
      "lang": "es",
      "value": "El proxy Telet en Avirt Gateway Suite 4.2 no requiere autentificaci\u00f3n para conectarse al propio proxy, de modo que permite a atacantes remotos listar los ficheros del proxy y ejecutar comandos arbitrariamente mediante comandos de \"dos\"."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": true,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:avirt:avirt_gateway_suite:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E44ECB72-BA5B-4BB4-86C7-2FF9F285229B"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://marc.info/?l=bugtraq&m=101131669102843&w=2",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://marc.info/?l=bugtraq&m=101424723728817&w=2",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.iss.net/security_center/static/7915.php",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/3901",
      "source": "cve@mitre.org"
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2002-0134",`
			`"sourceIdentifier": "cve@mitre.org",`
			`"published": "2002-03-25T05:00:00.000",`
			`"lastModified": "2016-10-18T02:16:27.237",`
			`"vulnStatus": "Modified",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a \"dos\" command."`
			`},`
			`{`
			`"lang": "es",`
			`"value": "El proxy Telet en Avirt Gateway Suite 4.2 no requiere autentificaci\u00f3n para conectarse al propio proxy, de modo que permite a atacantes remotos listar los ficheros del proxy y ejecutar comandos arbitrariamente mediante comandos de \"dos\"."`
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV2": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "2.0",`
			`"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",`
			`"accessVector": "NETWORK",`
			`"accessComplexity": "LOW",`
			`"authentication": "NONE",`
			`"confidentialityImpact": "PARTIAL",`
			`"integrityImpact": "PARTIAL",`
			`"availabilityImpact": "PARTIAL",`
			`"baseScore": 7.5`
			`},`
			`"baseSeverity": "HIGH",`
			`"exploitabilityScore": 10.0,`
			`"impactScore": 6.4,`
			`"acInsufInfo": false,`
			`"obtainAllPrivilege": false,`
			`"obtainUserPrivilege": false,`
			`"obtainOtherPrivilege": true,`
			`"userInteractionRequired": false`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "NVD-CWE-Other"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:avirt:avirt_gateway_suite:4.2:::::::*",`
			`"matchCriteriaId": "E44ECB72-BA5B-4BB4-86C7-2FF9F285229B"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "http://marc.info/?l=bugtraq&m=101131669102843&w=2",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "http://marc.info/?l=bugtraq&m=101424723728817&w=2",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "http://www.iss.net/security_center/static/7915.php",`
			`"source": "cve@mitre.org",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
			`},`
			`{`
			`"url": "http://www.securityfocus.com/bid/3901",`
			`"source": "cve@mitre.org"`
			`}`
			`]`
			`}`