CVE-2013-6766

Name of the Vulnerable Software and Affected Versions OpenVAS Administrator versions 1.2 through 1.2.1 OpenVAS Administrator versions 1.3 through 1.3.1

Description The issue allows remote attackers to bypass authentication restrictions and execute commands via a crafted request for version information, causing the state to be set to CLIENT AUTHENTIC. This occurs due to a flaw in handling OAP requests.

Recommendations For OpenVAS Administrator versions 1.2 through 1.2.1, update to version 1.2.2 to resolve the issue. For OpenVAS Administrator versions 1.3 through 1.3.1, update to version 1.3.2 to resolve the issue.