Authentication Bypass Vulnerability in Avaya Argent Office 2.1
CVE-2001-1262

Currently unrated

Key Information:

Vendor: Avaya
Status: Argent Office
Vendor: CVE Published:; 7 August 2001

Summary

Avaya Argent Office 2.1 is vulnerable due to its method of comparing user-provided SNMP community strings. The application only validates the string's length up to the user-provided value, leaving the system open to exploitation. An attacker could bypass authentication by sending a request with a zero-length community string, effectively gaining unauthorized access. This vulnerability emphasizes the importance of robust input validation and secure configurations in network services.

References

http://online.securityfocus.com/archive/1/202344

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/6955.php

vdb-entryx_refsource_XF

Timeline

Vulnerability Reserved
May 1, 2002
Vulnerability published
Aug 7, 2001