Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
[OVSA20110118] OpenVAS Manager Vulnerable To Command Injection
Jan 25 2011 11:45AM
Tim Brown (timb openvas org)
It has been identified that OpenVAS Manager is vulnerable to command injection
due to insufficient validation of user supplied data when processing OMP
requests. It has been identified that this vulnerability allows privilege
escalation within the OpenVAS Manager but more complex injecti...
[ more ]
Copyright 2010, SecurityFocus