SecuritySpace - CVE-2013-6765

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2013-6765

Description: OpenVAS Manager 3.0 before 3.0.7 and 4.0 before 4.0.4 allows remote attackers to bypass the OMP authentication restrictions and execute OMP commands via a crafted OMP request for version information, which causes the state to be set to CLIENT_AUTHENTIC, as demonstrated by the omp_xml_handle_end_element function in omp.c.

Test IDs: 1.3.6.1.4.1.25623.1.0.103832 1.3.6.1.4.1.25623.1.0.103827

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2013-6765
http://lists.wald.intevation.org/pipermail/openvas-announce/2013-November/000157.html
http://www.openwall.com/lists/oss-security/2013/11/10/2

CVE ID:	CVE-2013-6765
Description:	OpenVAS Manager 3.0 before 3.0.7 and 4.0 before 4.0.4 allows remote attackers to bypass the OMP authentication restrictions and execute OMP commands via a crafted OMP request for version information, which causes the state to be set to CLIENT_AUTHENTIC, as demonstrated by the omp_xml_handle_end_element function in omp.c.
Test IDs:	1.3.6.1.4.1.25623.1.0.103832 1.3.6.1.4.1.25623.1.0.103827
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2013-6765 http://lists.wald.intevation.org/pipermail/openvas-announce/2013-November/000157.html http://www.openwall.com/lists/oss-security/2013/11/10/2