The send_to_sourcefire function in manage_sql.c in OpenVAS Manager 3.x prior to 3.0.4 allows remote malicious users to execute arbitrary commands via the (1) IP address or (2) port number field in an OMP request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openvas openvas manager 3.0 |
||
openvas openvas manager 3.0.0 |
||
openvas openvas manager 3.0.1 |
||
openvas openvas manager 3.0.2 |
||
openvas openvas manager 3.0.3 |