Cisco Application Velocity System Open TCP Proxy Vulnerability

Cisco Application Velocity System (AVS) is susceptible to a remote open TCP proxy vulnerability. This software fails to allow only valid TCP ports to be used by remote users.

Remote attackers may use the affected software as an open TCP proxy. Attackers have exploited this to send unsolicited commercial email (UCE).

Versions of AVS prior to 5.0.1 are vulnerable to this issue.


 

Privacy Statement
Copyright 2010, SecurityFocus