DS3 Authentication Server 'TestTelnetConnection.jsp' Remote Command Execution Vulnerability

DS3 Authentication Server is prone to a remote command-execution vulnerability.

Note: The issue described by CVE-2013-4098 has been moved to BID 60936 (DS3 Authentication Server 'ServerAdmin/ErrorViewer.jsp' Security Bypass Vulnerability) for better documentation.

An attacker can exploit this issue to execute arbitrary commands within the context of the server.


Privacy Statement
Copyright 2010, SecurityFocus