2007-02-07 22:00:00
mitre
PUBLISHED
avast! Server Edition before 4.7.726 does not demand a password in a certain intended context, even when a password has been set, which allows local users to bypass authentication requirements.